Vulnerability Details CVE-2021-29092
Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2021-29092
-
cpe:2.3:a:synology:photo_station:6.8
-
cpe:2.3:a:synology:photo_station:6.8.0-3456
-
cpe:2.3:a:synology:photo_station:6.8.1-3458
-
cpe:2.3:a:synology:photo_station:6.8.10-3487
-
cpe:2.3:a:synology:photo_station:6.8.11-3489
-
cpe:2.3:a:synology:photo_station:6.8.12-3496
-
cpe:2.3:a:synology:photo_station:6.8.13-3499
-
cpe:2.3:a:synology:photo_station:6.8.2-3461
-
cpe:2.3:a:synology:photo_station:6.8.3-3463
-
cpe:2.3:a:synology:photo_station:6.8.4-3468
-
cpe:2.3:a:synology:photo_station:6.8.5-3471
-
cpe:2.3:a:synology:photo_station:6.8.6-3479
-
cpe:2.3:a:synology:photo_station:6.8.7-3481
-
cpe:2.3:a:synology:photo_station:6.8.8-3482
-
cpe:2.3:a:synology:photo_station:6.8.9-3483