Published on August 31st, 2015 📆 | 7972 Views ⚑
0Persistent Cross-Site Scripting vulnerability in Synology Download Station
https://www.ispeech.org
Download Station is a popular Synology web application with more than 6.879.000 installations. Synology Download Station users can download files from multiple file hosting sites like BT, FTP, HTTP, NZB, Thunder, eMule, and more. Download Station is generally used by users that use their NAS as an entertainment hub, residing within the user's home network. Most users do not realize that these NAS devices are an entry point for attackers into their home network.
Multiple Cross-Site Scripting vulnerabilities were found in Synology Download Station. These issues allow attackers to perform a wide variety of actions, such as stealing victims' session tokens or login credentials if available, performing arbitrary actions on their behalf but also performing arbitrary redirects to potential malicious websites.
Likes: 0
Viewed:
source
Gloss