CVE-2017-16770

Summary

File and directory information exposure vulnerability in SYNO.SurveillanceStation.PersonalSettings.Photo in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to obtain other user's sensitive files via the filename parameter.

Affected Software

VendorProductVersion RangeStatus
SynologySurveillance Stationbefore 8.1.2-5469affected

Weaknesses

  • CWE-538: File and Directory Information Exposure (CWE-538)

ADP Enrichment

CVE Program Container

Additional References

References