Lucene search

CVE-2018-8926

🗓️ 08 Jun 2018 13:01:29Reported by synologyType

Permissive regex vuln in Synology Photo Station before 6.8.5-3471 & 6.3-2975 allows privilege escalation via fullname parameter

Reporter	Title	Published	Views	Family All 4
Prion	Privilege escalation	8 Jun 201813:29	–	prion
Cvelist	CVE-2018-8926	8 Jun 201813:00	–	cvelist
NVD	CVE-2018-8926	8 Jun 201813:29	–	nvd
OpenVAS	Synology Photo Station Multiple Vulnerabilities (Synology_SA_18_15)	13 Jun 201800:00	–	openvas

Nvd

Node

synology photo_stationRange6.3-2958–6.3-2975

synology photo_stationRange6.8.0-3456–6.8.5-3471

[
  {
    "product": "Photo Station",
    "vendor": "Synology",
    "versions": [
      {
        "lessThan": "6.8.5-3471",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "6.3-2975",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
synology	www.synology.com/zh-tw/support/security/Synology_SA_18_15

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Jun 2018 13:29Current

8.5High risk

Vulners AI Score8.5

CVSS26.5

CVSS38.8

EPSS0.00428

CWE-625