CVE-2018-13281

Summary

Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM) before 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file_path parameter.

Affected Software

VendorProductVersion RangeStatus
SynologyDiskStation Manager (DSM)unspecified < 6.2-23739-2affected

Weaknesses

  • CWE-200: Information Exposure (CWE-200)

ADP Enrichment

CVE Program Container

Additional References

References