Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.synology.com/security/advisory/Synology_SA_22_14 |
History
Tue, 14 Jan 2025 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:synology:diskstation_manager:7.0:*:*:*:*:*:*:* cpe:2.3:a:synology:diskstation_manager:7.1:*:*:*:*:*:*:* |
cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:* cpe:2.3:o:synology:diskstation_manager:7.0:*:*:*:*:*:*:* cpe:2.3:o:synology:diskstation_manager:7.1:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: synology
Published: 2022-08-03T05:55:11.765753Z
Updated: 2024-09-17T01:50:43.181Z
Reserved: 2022-03-21T00:00:00
Link: CVE-2022-27621
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-08-03T06:15:07.450
Modified: 2025-01-14T19:29:55.853
Link: CVE-2022-27621
Redhat
No data.