exploitDog

GHSA-f4px-mf48-4h8c

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

Use of unmaintained third party components vulnerability in faad in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via a crafted file path.

Use of unmaintained third party components vulnerability in faad in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via a crafted file path.

Ссылки

EPSS

Процентиль: 78%

0.01128

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-121

CWE-787

Связанные уязвимости

CVE-2021-26567

CVSS3: 7.8

nvd

почти 5 лет назад

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.

EPSS

Процентиль: 78%

0.01128

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-121

CWE-787