CVE-2017-15895

CVE-2017-15895

Vendor Synology
Product Synology Router Manager (SRM)
Weakness CWE-22 · Path traversal
Published December 8, 2017
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

Key dates

02Disclosure timeline

December 8, 2017 CVE published
September 16, 2024 Record updated