exploitDog

CVE-2023-41740

Опубликовано: 31 авг. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.

Ссылки

https://www.synology.com/en-global/security/advisory/Synology_SA_23_10
Patch
Vendor Advisory
https://www.synology.com/en-global/security/advisory/Synology_SA_23_10
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*

Версия до 1.3.1-9346-6 (исключая)

EPSS

Процентиль: 46%

0.00236

Низкий

5.3 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-546p-cf3x-vwc8

CVSS3: 5.3

github

больше 2 лет назад

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.

EPSS

Процентиль: 46%

0.00236

Низкий

5.3 Medium

CVSS3

Дефекты