CVE-2022-27612

Name of the Vulnerable Software and Affected Versions Synology Audio Station versions prior to 6.5.4-3367

Description The issue is related to a buffer copy without checking the size of the input, also known as a 'Classic Buffer Overflow' vulnerability, in the cgi component. This allows remote attackers to execute arbitrary commands via unspecified vectors.

Recommendations For versions prior to 6.5.4-3367, update to version 6.5.4-3367 or later to resolve the issue. As a temporary workaround, consider restricting access to the cgi component in Synology Audio Station until a patch is applied.