Описание
client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:synology:cloud_station:1.1-2291:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:2.0-2291:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:2.0-2402:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:2.1-2561:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:2.1-2570:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:2.1-2577:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:3.0-3005:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:3.0-3103:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:3.0-3108:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:3.0-3109:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:3.0-3111:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:3.1-3317:*:*:*:*:*:*:*
cpe:2.3:a:synology:cloud_station:3.1-3320:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00412
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename.
EPSS
Процентиль: 61%
0.00412
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264