Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
History

Tue, 14 Jan 2025 19:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:7.1:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:7.1:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: synology

Published: 2022-08-03T05:55:11.765753Z

Updated: 2024-09-17T01:50:43.181Z

Reserved: 2022-03-21T00:00:00

Link: CVE-2022-27621

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-08-03T06:15:07.450

Modified: 2025-01-14T19:29:55.853

Link: CVE-2022-27621

cve-icon Redhat

No data.