Vulnerability in Synology SSL VPN Client
CVE-2023-5748
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
EPSS: 0.001 (26.0th percentile).
CVSS v3 metric
CVSS v3 base score 3.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.
Affected products
References
- Synology-SA-23:12 Synology SSL VPN Client (vendor-advisory)
Frequently asked questions
- What is CVE-2023-5748?
- CVE-2023-5748 is a low-severity vulnerability in Synology SSL VPN Client, classified under CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'). CVSS score: 3.3/10. Published 2023-10-24.
- How severe is CVE-2023-5748?
- Low severity. CVSS v3 base score is 3.3 out of 10.