CVE-2024-11398

Publication date

2024-12-04 06:59:56

Family

synology

State

PUBLISHED

Description

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in OTP reset functionality in Synology Router Manager (SRM) before 1.3.1-9346-9 allows remote authenticated users to delete arbitrary files via unspecified vectors.