2 matches found
CVE-2018-8926
Permissive regular expression vulnerability in synophotodsmuser in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter...
CVE-2018-8926
Synology Photo Station (affected versions: before 6.8.5-3471 and before 6.3-2975) contains a permissive regex vulnerability in synophoto_dsm_user that allows remote authenticated users to escalate privileges via the fullname parameter. The issue leads to high-impact results (C:H/I:H/A:H) per CVSS...