Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25423 allows remote authenticated users to delete arbitrary files via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
diskstation_manager | ge | 6.2 | |
diskstation_manager | lt | 6.2.3 |