Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.
The vulnerability results from lack of input data size verification before copying it to a memory buffer (CWE-120 — Classic Buffer Overflow). An attacker can send a specially crafted network request to the AdminCenter component, causing a buffer overflow. This allows overwriting memory areas and taking control of code execution on the device. The attack requires no authentication or user interaction.
An attacker can remotely execute arbitrary code on the device with AdminCenter process privileges, which in practice can lead to complete takeover of the device, loss of data confidentiality, and violation of system integrity and availability.
Synology BeeStation OS should be updated to version 1.3.2-65648 or later. Details are available in the official security bulletin from the manufacturer: https://www.synology.com/en-global/security/advisory/Synology_SA_25_12
Synology BeeStation OS versions earlier than 1.3.2-65648
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSynology Beestation Os
OSSynology1.0 – 1.3.2 (bez)
Related vulnerabilities
RCE w Synology BeeStation OS i DSM — błąd kodowania wyjścia w systemowym daemonie
OS Command Injection w Synology BeePhotos i Synology Photos — RCE bez uwierzytelnienia
Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS (BSM) befo...
Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) ...
CSRF umożliwiający RCE w Synology DiskStation Manager i Unified Controller