Security Advisory
CVE-2021-29087
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to write arbitrary files via unspecified vectors.