exploitDog

GHSA-8wg2-h7mh-v5qc

Опубликовано: 29 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors.

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors.

Ссылки

EPSS

Процентиль: 76%

0.00951

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2022-22685

CVSS3: 8.7

nvd

больше 3 лет назад

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors.

EPSS

Процентиль: 76%

0.00951

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-22