CVE-2018-13288

Summary

Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.

Affected Software

VendorProductVersion RangeStatus
SynologyFile Stationunspecified < 1.2.3-0252affected
SynologyFile Stationunspecified < 1.1.5-0125affected

Weaknesses

  • CWE-200: Information Exposure (CWE-200)

ADP Enrichment

CVE Program Container

Additional References

References