exploitDog

GHSA-m32f-99jg-48x9

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.

Ссылки

EPSS

Процентиль: 51%

0.00284

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-74

Связанные уязвимости

CVE-2021-29085

CVSS3: 8.6

nvd

больше 4 лет назад

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.

EPSS

Процентиль: 51%

0.00284

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-74