Platform: synology
Component: synology_sa_20_25
Fixed version: 1.2.3-0234
CVE-2020-27660 describes a critical SQL injection vulnerability discovered in Synology SafeAccess, affecting versions up to 1.2.3-0234. This flaw allows remote attackers to inject malicious SQL code through the 'domain' parameter, potentially compromising sensitive data. Synology has released a patch in version 1.2.3-0234 to address this vulnerability.
The SQL injection vulnerability in Synology SafeAccess poses a significant risk. A successful attacker can leverage this flaw to bypass authentication, gain unauthorized access to the underlying database, and execute arbitrary SQL commands. This could lead to the exfiltration of sensitive information such as user credentials, configuration data, and potentially even system files. The impact extends beyond data theft; an attacker could also modify or delete data, disrupt services, or even gain control of the affected Synology device. Given the potential for widespread data compromise and system takeover, this vulnerability warrants immediate attention.
CVE-2020-27660 was publicly disclosed on November 30, 2020. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a potential target. It is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are available, increasing the likelihood of exploitation if systems remain unpatched.
Organizations and individuals utilizing Synology SafeAccess, particularly those with older versions (≤1.2.3-0234), are at significant risk. Shared hosting environments where multiple users share a single SafeAccess instance are especially vulnerable, as a compromise of one user's account could potentially affect others.
• synology / server: journalctl -u safeaccess | grep -i "SQL injection"
• synology / server: find /var/log/safeaccess -type f -print0 | xargs -0 grep -i "SQL injection"
• generic web: curl -I "<safeaccess_url>/request.cgi?domain='; DROP TABLE users; --" | grep -i "SQL injection"
Exploitation status
EPSS: 2.20% (84th percentile)
CVSS vector
The primary mitigation for CVE-2020-27660 is to immediately upgrade Synology SafeAccess to version 1.2.3-0234 or later. If upgrading is not immediately feasible due to compatibility issues or downtime concerns, consider implementing temporary workarounds. These may include restricting access to the 'domain' parameter through firewall rules or web application firewalls (WAFs) to prevent malicious input. Monitor SafeAccess logs for suspicious SQL queries and unusual activity. After upgrading, confirm the fix by attempting a SQL injection attack via the 'domain' parameter; a properly patched system should reject the malicious input.
Update Synology SafeAccess to version 1.2.3-0234 or later. This update fixes the SQL injection vulnerability in the domain parameter of request.cgi.
CVE-2020-27660 is a critical SQL injection vulnerability in Synology SafeAccess versions 1.2.3-0234 and earlier, allowing attackers to execute arbitrary SQL commands.
If you are running Synology SafeAccess version 1.2.3-0234 or earlier, you are potentially affected by this vulnerability.
Upgrade Synology SafeAccess to version 1.2.3-0234 or later to resolve the vulnerability. Consider temporary workarounds like WAF rules if immediate upgrade is not possible.
While no confirmed active exploitation campaigns are publicly known, the vulnerability's severity and ease of exploitation make it a potential target.
Refer to the official Synology Security Advisory: https://www.synology.com/en-global/security/advisory/synology-sa-2020-113