CVE-2017-16766
N/A
N/A
Summary
An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Synology | DiskStation Manager (DSM) | before 6.1.4-15217 | affected |
| Synology | DiskStation Manager (DSM) | before 6.0.3-8754-6 | affected |
Weaknesses
- CWE-284: Improper Access Control (CWE-284)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.