An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option.
References
Link | Resource |
---|---|
https://www.synology.com/en-global/support/security/Synology_SA_17_74 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-12-22 14:29
Updated : 2024-02-28 16:04
NVD link : CVE-2017-16766
Mitre link : CVE-2017-16766
CVE.ORG link : CVE-2017-16766
JSON object : View
Products Affected
synology
- diskstation_manager