CVE-2017-12079

2017-11-0600:00:00

CWE-552

synology

www.cve.org

0.001 Low

EPSS

Percentile

48.5%

JSON

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.

CNA Affected

[
  {
    "product": "Photo Station",
    "vendor": "Synology",
    "versions": [
      {
        "status": "affected",
        "version": "before 6.8.1-3458"
      },
      {
        "status": "affected",
        "version": "before 6.3-2970"
      }
    ]
  }
]

References

www.synology.com/en-global/support/security/Synology_SA_17_63_Photo_Station

0.001 Low

EPSS

Percentile

48.5%

JSON

Related for CVELIST:CVE-2017-12079