Platform: synology
Component: synology-ssl-vpn-client
Fixed in: 1.4.5-0684
CVE-2021-47960 describes an information disclosure vulnerability in the Synology SSL VPN Client. The flaw lets remote attackers read sensitive files from the application's installation directory, potentially exposing configuration files, certificates, and logs. It affects versions 1.0.0 through 1.4.5-0684 of the client; a fix is available in version 1.4.5-0684.
The primary impact of CVE-2021-47960 is sensitive information disclosure. Successful exploitation lets an attacker retrieve files from the Synology SSL VPN Client's installation directory, which may include configuration files containing credentials or connection details, SSL certificates used for encryption, and log files that reveal user activity or system behavior. Exploitation relies on user interaction with a crafted web page, so a social engineering component may be involved. Although the vulnerable service is bound to the loopback interface, the ability to extract sensitive data represents a significant risk, potentially enabling further attacks or unauthorized access to the network.
CVE-2021-47960 was published on 2026-04-10. Public proof-of-concept exploits are not currently known, but the vulnerability's ease of exploitation and potential impact warrant attention. Because exploitation depends on user interaction, widespread exploitation may be limited, although automated attacks remain possible. It is not currently listed in the CISA KEV catalog.
Exploit Status: EPSS 0.03% (9th percentile)
The primary mitigation for CVE-2021-47960 is to upgrade the Synology SSL VPN Client to version 1.4.5-0684 or later. If upgrading is not immediately feasible, consider network segmentation to restrict access to the SSL VPN Client's installation directory, and review web application firewall (WAF) rules to detect and block malicious requests targeting the vulnerable endpoint. Monitor system logs for unusual file access patterns or other suspicious activity. After upgrading, verify the fix by attempting to access the vulnerable files via a web browser; access should be denied.
Update the Synology SSL VPN Client to version 1.4.5-0684 or later to mitigate the vulnerability. The update addresses an issue that allowed unauthorized access to files within the installation directory via a local HTTP server. See the Synology Advisory page for more details and installation instructions.
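To triage a fleet against the affected range above, the following is an added example (not Synology's code or from this advisory) that parses Synology-style version strings with an optional `-NNNN` build suffix and flags installs that fall in 1.0.0 up to, but not including, the fixed build 1.4.5-0684; the host names and versions in the sample inventory are constructed.

```python
import re
from typing import Dict, Optional, Tuple

# Affected range and fix boundary as stated by the advisory.
AFFECTED_FROM = "1.0.0"
FIXED_IN = "1.4.5-0684"


def parse_version(s: str) -> Optional[Tuple[int, int, int, int]]:
    """Parse 'major.minor.patch[-build]' (e.g. '1.4.5-0684') into a comparable tuple.

    A missing build suffix is treated as build 0, so '1.4.5' sorts before
    '1.4.5-0684'. Returns None for strings that do not match the format.
    """
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)(?:-(\d+))?\s*", s)
    if not m:
        return None
    major, minor, patch, build = m.groups()
    return (int(major), int(minor), int(patch), int(build or 0))


def is_affected(installed: str) -> Optional[bool]:
    """True if installed is within [AFFECTED_FROM, FIXED_IN), False otherwise, None if unparseable."""
    inst = parse_version(installed)
    if inst is None:
        return None
    return parse_version(AFFECTED_FROM) <= inst < parse_version(FIXED_IN)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host in a host -> version inventory to 'affected', 'fixed' or 'unknown'."""
    status = {}
    for host, version in inventory.items():
        verdict = is_affected(version)
        status[host] = "unknown" if verdict is None else ("affected" if verdict else "fixed")
    return status


if __name__ == "__main__":
    # Constructed sample inventory; hosts and versions are illustrative only.
    sample = {"ws-01": "1.4.4-0635", "ws-02": "1.4.5-0684", "ws-03": "1.4.5", "ws-04": "n/a"}
    for host, state in triage(sample).items():
        print(f"{host}: {state}")
```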
CVE-2021-47960 is a medium severity vulnerability affecting Synology SSL VPN Client versions 1.0.0–1.4.5-0684. It allows attackers to access sensitive files via a crafted web page, potentially exposing configuration data and certificates.
If you are using Synology SSL VPN Client versions 1.0.0 through 1.4.5-0684, you are potentially affected by this vulnerability. Upgrade to the latest version to mitigate the risk.
Upgrade Synology SSL VPN Client to version 1.4.5-0684 or later. If immediate upgrade is not possible, implement network segmentation and WAF rules as temporary mitigations.
While no public exploits are currently known, the vulnerability's ease of exploitation suggests it could be targeted. Continuous monitoring is recommended.
Please refer to the Synology Security Advisory for detailed information and updates: https://www.synology.com/en-global/security/advisory/CVE-2021-47960