CVE-2017-12074

CVE-2017-12074

Vendor Synology
Product Synology DNS Server
Weakness CWE-22 · Path traversal
Published August 24, 2017
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.

Key dates

02Disclosure timeline

August 24, 2017 CVE published
September 16, 2024 Record updated