Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
storage_analyzer | eq | < 2.1.0-390 | |
storage_analyzer | eq | < 2.0.1-214 |