Volerion logoVolerion
Volerion logoVolerion

Synology Note Station Client Cleartext Transmission Vulnerability Allowing Credential Theft

Vulnerability

A vulnerability in Synology Note Station Client versions prior to 2.2.4-703 allows man-in-the-middle attackers to intercept and obtain user credentials due to cleartext transmission of sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized interception of user credentials.

Remediation

Users are advised to update to Synology Note Station Client version 2.2.4-703 or later.

Added: Jun 3, 2026, 2:25 PM
Updated: Jun 3, 2026, 2:25 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
2.5
exploitability
6.0
remediation
0.0
relevance
9.9
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.