Security Advisory

CVE-2017-15894

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-12-08 16:00:00

Last updated 2024-09-16 19:31:51

Assigner synology

State PUBLISHED

Description

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology DiskStation Manager (DSM) 6.0.x before 6.0.3-8754-3 and before 5.2-5967-6 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

← Browse all CVEs View on cve.org ↗