CVE-2022-49036

Description

An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors.

References

• https://www.synology.com/en-global/releaseNote/ActiveBackupRecoveryMediaCreator