CVE-2022-22683

Name of the Vulnerable Software and Affected Versions Synology Media Server versions prior to 1.8.1-2876

Description The issue is related to a buffer copy without checking the size of the input, also known as a 'Classic Buffer Overflow' vulnerability, in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors.

Recommendations For Synology Media Server versions prior to 1.8.1-2876, update to version 1.8.1-2876 or later to resolve the issue. As a temporary workaround, consider restricting access to the cgi component until a patch is applied.