Description
The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://forum.synology.com/enu/viewtopic.php?f=173&t=77644
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/534284
Scores
EPSS
0.0063
EPSS Percentile
70.5%
Details
CWE
CWE-200
CWE-255
Status
published
Products (1)
synology/diskstation_manager
4.3-3810 1
Published
Mar 02, 2014
Tracked Since
Feb 18, 2026