Lucene search
K

87 matches found

CVE
CVE
added 2025/02/13 6:26 a.m.59 views

CVE-2024-47266

CVE-2024-47266 affects Synology Active Backup for Business, where the share file list functionality is vulnerable to path traversal. Before versions 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234, remote authenticated users with administrator privileges can read specific files containing non-sensitive i...

2.7CVSS6.4AI score0.0044EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/02/13 6:26 a.m.6 views

CVE-2024-47266

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to read specific files...

2.7CVSS0.0044EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/13 6:26 a.m.4 views

CVE-2024-47266

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to read specific files...

2.7CVSS6.3AI score0.0044EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/13 6:25 a.m.9 views

CVE-2024-47265

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...

6.5CVSS0.00365EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/13 6:25 a.m.3 views

CVE-2024-47265

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...

6.5CVSS6.7AI score0.00365EPSS
Exploits0References1
CVE
CVE
added 2025/02/13 6:25 a.m.60 views

CVE-2024-47265

CVE-2024-47265 is a path traversal vulnerability in Synology Active Backup for Business with improper limitation of a pathname to a restricted directory. Affects multiple pre-2.7.1-13234/2.7.1-23234/2.7.1-3234 builds where remote authenticated users can write specific files via unspecified vector...

6.5CVSS6.7AI score0.00365EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/02/13 6:25 a.m.64 views

CVE-2024-47264

CVE-2024-47264 affects Synology Active Backup for Business. The issue is an improper limitation of a pathname to a restricted directory in the agent-related functionality, enabling a remote authenticated user with administrator privileges to delete arbitrary files. Affected versions are before 2....

6.5CVSS6.8AI score0.00528EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/13 6:25 a.m.5 views

CVE-2024-47264

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to delete arbitrary files...

4.9CVSS6.8AI score0.00528EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/13 6:25 a.m.8 views

CVE-2024-47264

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to delete arbitrary files...

4.9CVSS0.00528EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.4 views

Synology Active Backup for Business 路径遍历漏洞

Synology Active Backup for Business is a backup program from Synology, a Chinese company. A path traversal vulnerability exists in Synology Active Backup for Business, which can be exploited to allow a remote authenticated user with administrator privileges to read specific files containing...

2.7CVSS6.4AI score0.0044EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.4 views

Synology Active Backup for Business 路径遍历漏洞

Synology Active Backup for Business is a backup program from China-based Synology. A path traversal vulnerability exists in Synology Active Backup for Business, which originates from allowing remote authenticated users to write to specific files via unspecified vectors...

6.5CVSS6.7AI score0.00365EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.6 views

Synology Active Backup for Business 路径遍历漏洞

Synology Active Backup for Business is a backup program from Synology, a Chinese company. A path traversal vulnerability exists in Synology Active Backup for Business, which could allow a remote authenticated user with administrator privileges to delete arbitrary files via unspecified vectors...

4.9CVSS6.7AI score0.00528EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/13 12:0 a.m.3 views

PT-2025-6697

Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business versions prior to 2.7.1-13234 Synology Active Backup for Business versions prior to 2.7.1-23234 Synology Active Backup for Business versions prior to 2.7.1-3234 Description The issue is related to a 'Path...

6.5CVSS5.7AI score0.00528EPSS
Exploits0References6
NVD
NVD
added 2024/09/26 4:15 a.m.40 views

CVE-2023-52947

Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logo...

4CVSS0.00164EPSS
Exploits0References1
NVD
NVD
added 2024/09/26 4:15 a.m.11 views

CVE-2023-52950

Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors...

5.3CVSS0.0008EPSS
Exploits0References1
OSV
OSV
added 2024/09/26 4:15 a.m.4 views

CVE-2023-52947

Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logo...

3.3CVSS5.8AI score0.00164EPSS
Exploits0References1
NVD
NVD
added 2024/09/26 4:15 a.m.26 views

CVE-2023-52949

Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors...

5.5CVSS0.00176EPSS
Exploits0References1
OSV
OSV
added 2024/09/26 4:15 a.m.4 views

CVE-2023-52949

Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References1
NVD
NVD
added 2024/09/26 4:15 a.m.24 views

CVE-2023-52948

Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors...

5CVSS0.00085EPSS
Exploits0References1
CVE
CVE
added 2024/09/26 3:42 a.m.57 views

CVE-2023-52949

CVE-2023-52949 affects Synology Active Backup for Business Agent prior to 2.7.0-3221. The issue is a missing authentication for a critical function in the proxy settings, allowing local users to obtain credentials via unspecified vectors. CVSSv3.1 base metrics indicate a Local attack with Low com...

5.5CVSS5.3AI score0.00176EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder