Description
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive information via unspecified vectors.
Published: 2026-06-03
Score: 4.1 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an improper limitation of a pathname to a restricted directory (path traversal) in the Backup.Repository web API of Synology Hyper Backup. It allows remote authenticated users who have administrator privileges to write specific files containing non-sensitive information via unspecified vectors. The adversary could place arbitrary files, potentially affecting system operation or local data, but cannot access sensitive data directly. The weakness is CWE-22.

Affected Systems

Synology Hyper Backup versions prior to 4.1.2-4036 are affected. This includes current releases of DSM 7.x running Hyper Backup, such as on Synology model DS224+ and other DS devices. Administrators on affected installations are at risk if no patch is applied. Version information is limited to pre-4.1.2-4036.

Risk and Exploitability

The CVSS score of 4.1 indicates a moderate severity; the EPSS score is not available, so current exploitation likelihood is unknown. The vulnerability is not listed in the CISA KEV catalog. Attack requires remote authentication and administrator level privileges. If exploited, an attacker could write files that could modify configuration or disrupt operation but cannot extract sensitive data directly. The overall risk remains moderate pending remediation.

Generated by OpenCVE AI on June 3, 2026 at 15:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Synology Hyper Backup to version 4.1.2-4036 or later.
  • Restrict administrative privileges to essential users only.
  • Monitor Hyper Backup logs for unauthorized file creation attempts.

Generated by OpenCVE AI on June 3, 2026 at 15:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 03 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Title Path Traversal in Synology Hyper Backup Allows Admin Write Access

Wed, 03 Jun 2026 14:15:00 +0000

Type Values Removed Values Added
Description An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive information via unspecified vectors.
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 4.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: synology

Published:

Updated: 2026-06-03T13:35:35.893Z

Reserved: 2024-09-24T03:58:57.132Z

Link: CVE-2024-47263

cve-icon Vulnrichment

Updated: 2026-06-03T15:49:26.191Z

cve-icon NVD

Status : Received

Published: 2026-06-03T14:16:26.250

Modified: 2026-06-03T14:16:26.250

Link: CVE-2024-47263

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-03T15:30:26Z

Weaknesses