CVE-2017-12075

Summary

Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.

Affected Software

VendorProductVersion RangeStatus
SynologyDiskStation Manager (DSM)unspecified < 6.2-23739affected

Weaknesses

  • CWE-77: Improper Neutralization of Special Elements used in a Command (CWE-77)

ADP Enrichment

CVE Program Container

Additional References

References