Lucene search

Synology File Station Security Vulnerabilities

cve

CVE-2021-29091

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to write arbitrary files via unspecified...

7.7CVSS

6.1AI Score

0.001EPSS

2021-06-02 02:15 AM

cve

CVE-2021-29092

Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified...

8.8CVSS

8.6AI Score

0.001EPSS

2021-06-01 02:15 PM

129

cve

CVE-2017-15893

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path...

6.5CVSS

6.2AI Score

0.001EPSS

2017-12-08 04:29 PM

cve

CVE-2017-11154

Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type...

7.2CVSS

7.5AI Score

0.451EPSS

2017-08-08 03:29 PM