DSM 2022.2 SU2 and all prior versions allows a local low privileged account to execute arbitrary OS commands as the DSM software installation user.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2023-08-10T19:07:44.291Z
Updated: 2024-08-02T12:30:24.334Z
Reserved: 2023-03-10T19:36:27.052Z
Link: CVE-2023-28129
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-10T20:15:09.657
Modified: 2023-10-18T04:15:10.807
Link: CVE-2023-28129
Redhat
No data.