Vulnerability Details CVE-2017-15893
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2017-15893
-
cpe:2.3:a:synology:file_station:1.0.0-0027
-
cpe:2.3:a:synology:file_station:1.0.0-0039
-
cpe:2.3:a:synology:file_station:1.0.1-0046
-
cpe:2.3:a:synology:file_station:1.0.2-0049
-
cpe:2.3:a:synology:file_station:1.1.0-0075
-
cpe:2.3:a:synology:file_station:1.1.1-0095