CVE-2017-12080

Summary

An information exposure vulnerability in default HTTP configuration file in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain sensitive system information via .htaccess file.

Affected Software

VendorProductVersion RangeStatus
SynologyPhoto Stationbefore 6.8.1-3458affected
SynologyPhoto Stationbefore 6.3-2970affected

Weaknesses

  • CWE-200: Information Exposure (CWE-200)

ADP Enrichment

CVE Program Container

Additional References

References