CVE-2017-15893

CVE-2017-15893

Vendor Synology
Product Synology File Station
Weakness CWE-22 · Path traversal
Published December 8, 2017
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

Key dates

02Disclosure timeline

December 8, 2017 CVE published
September 17, 2024 Record updated