An improper neutralization of special elements used in an command (‘OS Command Injection') in Directory Domain Functionality in Router Manager (SRM) before 1.3.1-9346-6 allows authenticated users to execute arbitrary commands via unspecified vectors.

This vulnerability allows -adjacent attackers to execute arbitrary code on affected installations of Synology RT6600ax . is required to this vulnerability.

Read more

Related Posts