Path traversal

2022-08-0303:15:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors.

CPENameOperatorVersion
storage_analyzereq< 2.1.0-390
storage_analyzereq< 2.0.1-214

CPE	Name	Operator	Version
	storage_analyzer	eq	< 2.1.0-390
	storage_analyzer	eq	< 2.0.1-214

References

www.synology.com/security/advisory/Synology_SA_22_11