exploitDog

GHSA-jpjg-ww2x-6ww6

Опубликовано: 26 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Improper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors.

Improper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors.

Ссылки

EPSS

Процентиль: 77%

0.01024

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2022-22688

CVSS3: 8.8

nvd

почти 4 года назад

Improper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors.

EPSS

Процентиль: 77%

0.01024

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-77