vulnerability context

CVE-2021-47961

CVSS 8.1 HIGHEPSS 15%CWE-256

A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN traffic when combined with user interaction.

Published 2026-04-10 · last modified 2026-05-29

details

CISA KEV status: Not in catalog
CVSS v3: 8.1 / HIGH
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
EPSS: 15% percentile (score 0.0005)
CWE: CWE-256

View on NVD → · cve.org

source mentions 1

[CyberHub] 📌 CVE-2021-47961 - A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allo...Bluesky:@cyberhub.blog · 11d ago

source consensus

Bluesky:@cyberhub.blog1×

Want the 3-bullet summary of CVE-2021-47961, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →