exploitDog

GHSA-frc9-5h6p-f7f3

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.

Ссылки

EPSS

Процентиль: 53%

0.00297

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

CWE-552

Связанные уязвимости

CVE-2017-12079

CVSS3: 7.5

nvd

около 8 лет назад

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.

EPSS

Процентиль: 53%

0.00297

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

CWE-552