Ars Technica

PSA - Synology VPN Server Vulnerabilty

Just caught this as an aside in an unrelated post at SANS ISC. I know the Synology devices are popular, so thought I'd drop this in here.
GIGAZINE

I created a free remote desktop VPN environment using a Synology router

Synology routers are equipped with an easy-to-use GUI management system called 'Synology Router Manager (SRM),' which allows you to set up a remote desktop environment by performing operations such as ...
TechRadar

Synology patches maximum risk flaw in its VPN routers

Synology has patched a vulnerability discovered in its router software, that’s been rated maximum severity - 10/10. According to an advisory released by the NAS manufacturer, the vulnerability was ...
9to5Mac

Synology makes VPN Plus Client software free for businesses, indefinitely

Synology, known for its great network and storage solutions has seen businesses buying licenses for its VPN Plus Client five times higher than normal as the coronavirus pandemic has developed. Now in ...
Bleeping Computer

Synology fixes maximum severity vulnerability in VPN routers

Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. The vulnerability, tracked as CVE-2022-43931, was discovered ...
TechRadar

Using a Synology NAS? Patch this MITM vulnerability now

Clients of popular network-attached storage (NAS) appliance vendor Synology were briefly exposed to a man-in-the-middle (MITM) attack, the company has revealed. Synology identified an improper ...