CVE-2019-11823

Beschreibung:
CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

CWE: CWE-125

CVSS-Bewertung
CVSS 2: MEDIUM – 5 (Version: 2.0)
CVSS 3: HIGH – 7.5 (Version: 3.1)

Links:

NVD – CVE-2019-11823
CVE – CVE-2019-11823

Link (max. 20) Quelle Tags
https://www.synology.com/security/advisory/Synology_SA_20_11 CONFIRM Vendor Advisory Third Party Advisory Vendor Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1051 MISC Exploit Third Party Advisory Third Party Advisory
https://bugs.exim.org/show_bug.cgi?id=2571 CONFIRM Third Party Advisory Third Party Advisory Third Party Advisory
DSA-4687 DEBIAN Patch Vendor Advisory VDB Entry
[debian-lts-announce] 20200518 [SECURITY] [DLA 2213-1] exim4 security update MLIST Third Party Advisory Third Party Advisory
USN-4366-1 UBUNTU Third Party Advisory Vendor Advisory
FEDORA-2020-2e084c987d FEDORA Third Party Advisory Third Party Advisory VDB Entry
FEDORA-2020-93d7305d71 FEDORA Third Party Advisory US Government Resource Vendor Advisory
[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim MLIST Mailing List Patch Third Party Advisory
[shiro-dev] 20201222 Re: Request for assistance to backport CVE-2020-13933 fix MLIST Mailing List Vendor Advisory
[shiro-dev] 20210130 Re: Request for assistance to backport CVE-2020-13933 fix MLIST Mailing List Vendor Advisory
[shiro-dev] 20210316 Re: Request for assistance to backport CVE-2020-13933 fix MLIST Mailing List Patch Vendor Advisory
[shiro-dev] 20210331 Re: Request for assistance to backport CVE-2020-13933 fix MLIST Mailing List Vendor Advisory
[shiro-dev] 20210407 Re: Request for assistance to backport CVE-2020-13933 fix MLIST Mailing List Vendor Advisory
[shiro-dev] 20210504 Re: Request for assistance to backport CVE-2020-13933 fix MLIST

Quelle: NVD – CVE-2019-11823
Datum Veröffentlichung: 2020-05-04T10:15Z, Datum letzte Änderung: 2021-05-12T14:15Z