CVE-2020-27653

Name of the Vulnerable Software and Affected Versions: Synology Router Manager (SRM) versions prior to 1.2.4-8081

Description: The issue concerns a problem with the QuickConnect feature in Synology Router Manager, which allows for a man-in-the-middle attack. This could enable an attacker to spoof servers and obtain sensitive information. The vulnerability is related to the use of defective cryptographic algorithms in the HTTP connection function.

Recommendations: For Synology Router Manager (SRM) versions prior to 1.2.4-8081, update to version 1.2.4-8081 or later to resolve the issue. As a temporary workaround, consider restricting access to the QuickConnect feature until the update is applied.