Insufficiently Random Values Vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM)

Insufficiently Random Values Vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM)

CVE-2018-13280 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.