An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option.
References
Link | Resource |
---|---|
https://www.synology.com/en-global/support/security/Synology_SA_17_74 | Vendor Advisory |
https://www.synology.com/en-global/support/security/Synology_SA_17_74 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:16
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.synology.com/en-global/support/security/Synology_SA_17_74 - Vendor Advisory |
Information
Published : 2017-12-22 14:29
Updated : 2024-11-21 03:16
NVD link : CVE-2017-16766
Mitre link : CVE-2017-16766
CVE.ORG link : CVE-2017-16766
JSON object : View
Products Affected
synology
- diskstation_manager