CVE-2018-8920

Summary

Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format.

Affected Software

VendorProductVersion RangeStatus
SynologyDiskStation Manager (DSM)unspecified < 6.1.6-15266affected

Weaknesses

  • CWE-116: CWE-116: Improper Encoding or Escaping of Output

ADP Enrichment

CVE Program Container

Additional References

References