Vulnerability Details CVE-2017-16773
Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.4%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.5
References
Products affected by CVE-2017-16773
-
cpe:2.3:a:synology:universal_search:1.0.0-0066
-
cpe:2.3:a:synology:universal_search:1.0.1-0078
-
cpe:2.3:a:synology:universal_search:1.0.2-0087
-
cpe:2.3:a:synology:universal_search:1.0.3-0112
-
cpe:2.3:a:synology:universal_search:1.0.3-0170
-
cpe:2.3:a:synology:universal_search:1.0.4-0118