exploitDog

GHSA-mr65-chc3-q36v

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter.

Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter.

Ссылки

EPSS

Процентиль: 61%

0.00406

Низкий

8.8 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2018-8926

CVSS3: 8.8

nvd

больше 7 лет назад

Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter.

EPSS

Процентиль: 61%

0.00406

Низкий

8.8 High

CVSS3

CVE ID