4 matches found
CVE-2025-29843
CVE-2025-29843 describes a vulnerability in Synology FileStation thumb CGI within Synology Router Manager (SRM) that allows remote authenticated users to read and write image files. The affected component is FileStation thumb CGI; root cause details are not provided beyond the CGI exposure. Docum...
CVE-2025-29843
A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files...
PT-2024-37834 · Tronclass · Tronclass
Name of the Vulnerable Software and Affected Versions: Tronclass affected versions not specified Description: The issue concerns a lack of proper access control in the thumbnail API of Tronclass, allowing unauthenticated remote attackers to obtain specific files by modifying the URL...
WisdomGarden Tronclass ilearn Access Control Error Vulnerability
WisdomGarden Tronclass ilearn is a teaching platform from China WisdomGarden, Inc. An access control error vulnerability exists in WisdomGarden Tronclass ilearn versions prior to 1.69.61976, which stems from a lack of proper access control in the Thumbnail API, allowing an unauthenticated, remote...