CVE-2022-27610

Publication date

2022-07-27 08:00:15

Family

synology

State

PUBLISHED

Description

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25423 allows remote authenticated users to delete arbitrary files via unspecified vectors.