CVE-2019-11823

Name of the Vulnerable Software and Affected Versions Synology Router Manager (SRM) versions prior to 1.2.3-8017-2

Description The issue allows remote attackers to cause a denial of service, resulting in an out-of-bounds read and application crash, via crafted network traffic. This is due to a CRLF injection vulnerability in the Network Center of Synology Router Manager.

Recommendations For versions prior to 1.2.3-8017-2, update to version 1.2.3-8017-2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Network Center to minimize the risk of exploitation.