87 matches found
CVE-2024-47266
CVE-2024-47266 affects Synology Active Backup for Business, where the share file list functionality is vulnerable to path traversal. Before versions 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234, remote authenticated users with administrator privileges can read specific files containing non-sensitive i...
CVE-2024-47266
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to read specific files...
CVE-2024-47266
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to read specific files...
CVE-2024-47265
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...
CVE-2024-47265
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...
CVE-2024-47265
CVE-2024-47265 is a path traversal vulnerability in Synology Active Backup for Business with improper limitation of a pathname to a restricted directory. Affects multiple pre-2.7.1-13234/2.7.1-23234/2.7.1-3234 builds where remote authenticated users can write specific files via unspecified vector...
CVE-2024-47264
CVE-2024-47264 affects Synology Active Backup for Business. The issue is an improper limitation of a pathname to a restricted directory in the agent-related functionality, enabling a remote authenticated user with administrator privileges to delete arbitrary files. Affected versions are before 2....
CVE-2024-47264
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to delete arbitrary files...
CVE-2024-47264
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to delete arbitrary files...
Synology Active Backup for Business 路径遍历漏洞
Synology Active Backup for Business is a backup program from Synology, a Chinese company. A path traversal vulnerability exists in Synology Active Backup for Business, which can be exploited to allow a remote authenticated user with administrator privileges to read specific files containing...
Synology Active Backup for Business 路径遍历漏洞
Synology Active Backup for Business is a backup program from China-based Synology. A path traversal vulnerability exists in Synology Active Backup for Business, which originates from allowing remote authenticated users to write to specific files via unspecified vectors...
Synology Active Backup for Business 路径遍历漏洞
Synology Active Backup for Business is a backup program from Synology, a Chinese company. A path traversal vulnerability exists in Synology Active Backup for Business, which could allow a remote authenticated user with administrator privileges to delete arbitrary files via unspecified vectors...
PT-2025-6697
Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business versions prior to 2.7.1-13234 Synology Active Backup for Business versions prior to 2.7.1-23234 Synology Active Backup for Business versions prior to 2.7.1-3234 Description The issue is related to a 'Path...
CVE-2023-52947
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logo...
CVE-2023-52950
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors...
CVE-2023-52947
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logo...
CVE-2023-52949
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors...
CVE-2023-52949
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors...
CVE-2023-52948
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors...
CVE-2023-52949
CVE-2023-52949 affects Synology Active Backup for Business Agent prior to 2.7.0-3221. The issue is a missing authentication for a critical function in the proxy settings, allowing local users to obtain credentials via unspecified vectors. CVSSv3.1 base metrics indicate a Local attack with Low com...