exploitDog

GHSA-fj46-cfm8-7pc4

Опубликовано: 24 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 6.7

Описание

An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files during installation by placing a malicious DLL in advance in the same directory as the installer.

An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files during installation by placing a malicious DLL in advance in the same directory as the installer.

Ссылки

EPSS

Процентиль: 0%

0.00006

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-427

Связанные уязвимости

CVE-2026-3091

CVSS3: 6.7

nvd

3 месяца назад

An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files and conduct denial-of-service during installation by placing a malicious DLL in advance in the same directory as the installer.

EPSS

Процентиль: 0%

0.00006

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-427