2 matches found
CVE-2022-27610
The CVE-2022-27610 entry describes a path traversal vulnerability in the webapi component of Synology DiskStation Manager (DSM) prior to 6.2.3-25423. The flaw allows remote authenticated users to delete arbitrary files via unspecified vectors, due to improper limitation of a pathname to a restric...
CVE-2022-27610
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology DiskStation Manager DSM before 6.2.3-25423 allows remote authenticated users to delete arbitrary files via unspecified vectors...