Security Advisory

CVE-2017-11157

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-08-30 20:00:00

Last updated 2024-08-05 17:57:58

Assigner synology

State PUBLISHED

Description

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.

← Browse all CVEs View on cve.org ↗