Synology DiskStation Manager (DSM) is an operating system used on network storage servers (NAS) by Synology Inc. of Taiwan, China. A path traversal vulnerability exists in Synology DiskStation Manager (DSM), which stems from an improper pathname restriction in the webapi component, and can be exploited by remote authentication attackers to delete arbitrary files via an unspecified vector.