CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8926

Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2018-8926

Synology » Photo Station » Version: 6.3-2958

cpe:2.3:a:synology:photo_station:6.3-2958
Synology » Photo Station » Version: 6.3-2960

cpe:2.3:a:synology:photo_station:6.3-2960
Synology » Photo Station » Version: 6.3-2962

cpe:2.3:a:synology:photo_station:6.3-2962
Synology » Photo Station » Version: 6.3-2963

cpe:2.3:a:synology:photo_station:6.3-2963
Synology » Photo Station » Version: 6.3-2964

cpe:2.3:a:synology:photo_station:6.3-2964
Synology » Photo Station » Version: 6.3-2965

cpe:2.3:a:synology:photo_station:6.3-2965
Synology » Photo Station » Version: 6.3-2967

cpe:2.3:a:synology:photo_station:6.3-2967
Synology » Photo Station » Version: 6.3-2968

cpe:2.3:a:synology:photo_station:6.3-2968
Synology » Photo Station » Version: 6.3-2970

cpe:2.3:a:synology:photo_station:6.3-2970
Synology » Photo Station » Version: 6.3-2971

cpe:2.3:a:synology:photo_station:6.3-2971
Synology » Photo Station » Version: 6.3-2974

cpe:2.3:a:synology:photo_station:6.3-2974
Synology » Photo Station » Version: 6.3-2975

cpe:2.3:a:synology:photo_station:6.3-2975
Synology » Photo Station » Version: 6.8.0-3456

cpe:2.3:a:synology:photo_station:6.8.0-3456
Synology » Photo Station » Version: 6.8.1-3458

cpe:2.3:a:synology:photo_station:6.8.1-3458
Synology » Photo Station » Version: 6.8.2-3461

cpe:2.3:a:synology:photo_station:6.8.2-3461
Synology » Photo Station » Version: 6.8.3-3463

cpe:2.3:a:synology:photo_station:6.8.3-3463
Synology » Photo Station » Version: 6.8.4-3468

cpe:2.3:a:synology:photo_station:6.8.4-3468

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8926

Products

Pricing

Contact Us