CVE-2017-11149
CVE-2017-11149 affects Synology Download Station’s Downloader, enabling a server-side request forgery (SSRF). The vulnerability exists in versions 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984, where remote authenticated users can download arbitrary local files via crafted URIs. No exploitation...