Synology NAS DSM Account Takeover: When Random is not Secure
ID: 81f26cd4-5e12-546b-bf53-a69eab5933ef
STIX ID: report--81f26cd4-5e12-546b-bf53-a69eab5933ef
Feed Name: Claroty Team82
Team82 discovered that Synology DSM's installation wizard used JavaScript's Math.random(), which is not a cryptographically secure generator, to create the built-in admin password. An attacker who can leak several Math.random()-derived GUIDs can reconstruct the underlying XorShift128 PRNG state and recover the admin password. The team produced a PoC and disclosed the issue as CVE-2023-2729; Synology released a patch (DSM 7.2-64561+).
