CVE-2016-10331

Publication date

2017-05-12 20:00:00

Family

synology

State

PUBLISHED

Description

Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.