Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.
[
{
"product": "Synology DNS Server",
"vendor": "Synology",
"versions": [
{
"status": "affected",
"version": "before 2.2.1-3042"
}
]
}
]