{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T14:24:12.672","vulnerabilities":[{"cve":{"id":"CVE-2024-53287","sourceIdentifier":"security@synology.com","published":"2025-07-23T05:15:29.870","lastModified":"2025-07-29T19:33:38.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in VPN Setting functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors."},{"lang":"es","value":"Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en la funcionalidad de configuración VPN en Synology Router Manager (SRM) anterior a 1.3.1-9346-11 permite a usuarios remotos autenticados con privilegios de administrador inyectar scripts web arbitrarios en las páginas a través de vectores no especificados."}],"metrics":{"cvssMetricV31":[{"source":"security@synology.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.7,"impactScore":3.7}]},"weaknesses":[{"source":"security@synology.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3","versionEndExcluding":"1.3.1-9346","matchCriteriaId":"F8046DA6-36F6-4155-8594-8E7057396BFB"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:-:*:*:*:*:*:*","matchCriteriaId":"1516A124-FB02-4ADA-BCB6-27F0F1170A11"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update1:*:*:*:*:*:*","matchCriteriaId":"BD983E13-D56A-4E76-9689-0F1AE99CEC7E"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update10:*:*:*:*:*:*","matchCriteriaId":"8DAD6899-921F-40D5-AACB-613C7332EB72"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update2:*:*:*:*:*:*","matchCriteriaId":"7C642E1B-1E10-444E-9243-7A7E8ECBD17D"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update3:*:*:*:*:*:*","matchCriteriaId":"B7544B4B-5BB7-4D58-8943-98DACC17E5F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update4:*:*:*:*:*:*","matchCriteriaId":"5A7269FD-9F1D-4CA3-A8F6-3A13C967FBD7"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update5:*:*:*:*:*:*","matchCriteriaId":"52005D46-FFB0-44DF-9583-7EB436F2CDF0"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update6:*:*:*:*:*:*","matchCriteriaId":"E50F7D87-1D71-4AA7-A6C8-B15744521D23"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update7:*:*:*:*:*:*","matchCriteriaId":"CFE129E2-9243-4DB3-9D2F-9E0F886ECCC6"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update8:*:*:*:*:*:*","matchCriteriaId":"185CD5A8-1115-40AF-91DD-E0065E1ACD7A"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:router_manager:1.3.1-9346:update9:*:*:*:*:*:*","matchCriteriaId":"0162C158-37F0-401F-9027-C067335C0A28"}]}]}],"references":[{"url":"https://www.synology.com/en-global/security/advisory/Synology_SA_24_16","source":"security@synology.com","tags":["Vendor Advisory"]}]}}]}