Security Advisory

CVE-2017-11150

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-08-14 19:00:00

Last updated 2024-09-17 01:27:01

Assigner synology

State PUBLISHED

Description

Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.

← Browse all CVEs View on cve.org ↗