2 matches found
Synology DiskStation Manager Improper Neutralization of Special Elements used in a Command (CVE-2017-12075)
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager DSM before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
CVE-2017-12075
The CVE-2017-12075 issue affects Synology DiskStation Manager (DSM) prior to 6.2-23739, specifically in EZ-Internet. The vulnerability permits a remote authenticated user to inject and execute arbitrary commands through the username parameter, due to improper handling of input. Affected component...