CVE-2022-49038

Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:a:synology:drive_client:*:*:*:*:*:desktop:*:*

History

08 Oct 2024, 16:08

Type Values Removed Values Added
References () https://www.synology.com/en-global/security/advisory/Synology_SA_24_10 - () https://www.synology.com/en-global/security/advisory/Synology_SA_24_10 - Vendor Advisory
CPE cpe:2.3:a:synology:drive_client:*:*:*:*:*:desktop:*:*
First Time Synology
Synology drive Client

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) La inclusión de funcionalidad de una vulnerabilidad de esfera de control no confiable en el componente DLL de OpenSSL en Synology Drive Client anterior a 3.3.0-15082 permite a los usuarios locales ejecutar código arbitrario a través de vectores no especificados.

26 Sep 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-26 04:15

Updated : 2024-10-08 16:08


NVD link : CVE-2022-49038

Mitre link : CVE-2022-49038

CVE.ORG link : CVE-2022-49038


JSON object : View

Products Affected

synology

  • drive_client
CWE
CWE-829

Inclusion of Functionality from Untrusted Control Sphere