CVE-2020-27660 SQL injection vulnerability in request.cgi
Virsec Security Research Lab Vulnerability Analysis
The Virsec Security Research Lab provides timely, relevant analysis about recent and notable security vulnerabilities.
1.1 Vulnerability Summary
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
Watch the video to learn more about this and other important vulnerabilities.
1.2 CVSS Score
The CVSS Base score of this vulnerability is 9.8 Critical. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.3 Affected Version
Synology SafeAccess before 1.2.3-0234
1.4 Vulnerability Attribution
This issue was reported publicly by Omar Ganiev.
1.5 Risk Impact
No public exploits are available. As per this site, Synology Inc. outscores other storage vendors, including IBM and Netapp and occupies the second largest market share in the Swiss data storage market, according to the IT-Markt Report 2019 published by IT-Markt, Switzerland's largest professional IT media company.
Safe Access shields your network and allows you to manage the devices connected to your Synology Router. With Safe Access, you can set up different levels of web filters and impose daily time quotas on different users. Your network will benefit from the following features:
1. Internet Schedule: Set up when to allow or block Internet access.
2. Time Quota: Configure daily time allowances for Internet access.
3. Web Filter: Set different levels of access restrictions and customize your own web filter to block inappropriate websites.
4. A successful exploitation of this vulnerability can lead to planting of a backdoor into this security product which can be then used to disable policies used in the security control.
1.6 Virsec Security Platform (VSP) Support:
VSP-Web has capability that can detect all types of SQL injection attack and prevent this vulnerability from being exploited.
VSP-Host monitors processes that are spawned which are not part of a set of whitelisted process. Any attempt to execute new command or unknown binary would be denied by VSP-Host’s Process Monitoring capability.
1.7 Reference Links:
Download the full vulnerability report to learn more about this and other important vulnerabilities.