3 matches found
CVE-2022-27617
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to download arbitrary files via unspecified vectors...
CVE-2022-27617
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to download arbitrary files via unspecified vectors...
CVE-2022-27617
Synology Calendar's webapi component contains a Path Traversal vulnerability (CVE-2022-27617) affecting versions prior to 2.3.4-0631. The issue stems from an improper limitation of a pathname to a restricted directory, allowing remote authenticated users to download arbitrary files via unspecifie...