Synology Ssl Vpn Client
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Synology Ssl Vpn Client.
By the Year
In 2026 there have been 2 vulnerabilities in Synology Ssl Vpn Client with an average score of 7.3 out of ten. Ssl Vpn Client did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 7.30 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 5.50 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 7.40 |
| 2018 | 1 | 8.10 |
It may take a day or so for new Ssl Vpn Client vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Synology Ssl Vpn Client Security Vulnerabilities
Synology SSL VPN Client <1.4.5 plaintext password storage vuln
CVE-2021-47961
8.1 - High
- April 10, 2026
A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN traffic when combined with user interaction.
Unprotected Storage of Credentials
Synology SSL VPN Client <1.4.5-0684: HTTP Loopback Disclosure (CVE-2021-47960)
CVE-2021-47960
6.5 - Medium
- April 10, 2026
A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access files within the installation directory via a local HTTP server bound to the loopback interface. By leveraging user interaction with a crafted web page, attackers may retrieve sensitive files such as configuration files, certificates, and logs, leading to information disclosure.
Files or Directories Accessible to External Parties
Classic Buffer Overflow in Synology SSL VPN Client <1.4.7-0687 (DoS)
CVE-2023-5748
5.5 - Medium
- November 07, 2023
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
Classic Buffer Overflow
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226
CVE-2018-13283
7.4 - High
- April 01, 2019
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224
CVE-2018-8929
8.1 - High
- July 06, 2018
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload.
Communication Channel Errors
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Synology Ssl Vpn Client or by Synology? Click the Watch button to subscribe.
