Vulnerability Details CVE-2018-13289
Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2018-13289
-
cpe:2.3:a:synology:router_manager:1.1
-
cpe:2.3:a:synology:router_manager:1.1-6338
-
cpe:2.3:a:synology:router_manager:1.1-6338-1
-
cpe:2.3:a:synology:router_manager:1.1-6338-2
-
cpe:2.3:a:synology:router_manager:1.1.1-6414
-
cpe:2.3:a:synology:router_manager:1.1.1-6414-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-2
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-1
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-2
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-4
-
cpe:2.3:a:synology:router_manager:1.1.4-6509
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-1
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-2
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-3
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-4
-
cpe:2.3:a:synology:router_manager:1.1.5-6542
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-1
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-2
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-3
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-4
-
cpe:2.3:a:synology:router_manager:1.1.6-6931
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-1
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-2
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-3
-
cpe:2.3:a:synology:router_manager:1.1.7-6941
-
cpe:2.3:a:synology:router_manager:1.1.7-6941-1