PT-2024-9670 · Synology · Synology Router Manager

Hc0Wl +3 · Published 2024-09-09 · Updated 2025-08-01 · CVE-2024-53282

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Synology Router Manager versions prior to 1.3.1-9346-10

Description

The issue is related to the WiFi Connect MAC Filter component of the Synology Router Manager, which fails to properly neutralize input during web page generation, leading to a Cross-site Scripting vulnerability. This allows a remote attacker with administrator privileges to inject arbitrary web script or HTML via unspecified vectors.

Recommendations

For versions prior to 1.3.1-9346-10, update to version 1.3.1-9346-10 or later to resolve the issue. As a temporary workaround, consider restricting access to the WiFi Connect MAC Filter functionality until a patch is applied. Avoid using the WiFi Connect MAC Filter feature in Synology Router Manager until the issue is resolved.

Fix

DoS

XSS

Weakness Enumeration

Related Identifiers

BDU:2024-11382
CVE-2024-53282

Affected Products

Synology Router Manager