exploitDog

GHSA-7vx4-7pxq-c7q2

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.

Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.

Ссылки

EPSS

Процентиль: 78%

0.01159

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2018-13285

CVSS3: 7.5

nvd

почти 7 лет назад

Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.

EPSS

Процентиль: 78%

0.01159

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78