CVE-2017-12079

CVE-2017-12079

Vendor Synology
Product Photo Station
Weakness CWE-552 · Files accessible externally
Published December 4, 2017
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.

Key dates

02Disclosure timeline

December 4, 2017 CVE published
September 16, 2024 Record updated