Security Advisory

CVE-2017-11158

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-08-31 13:00:00

Last updated 2024-09-17 02:27:34

Assigner synology

State PUBLISHED

Description

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.

← Browse all CVEs View on cve.org ↗