Synology: >> Audio Station >> 6.4.1-3322 Security Vulnerabilities
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Audio Station before 6.5.4-3367 allows remote authenticated users to delete arbitrary files via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.01
Published
2022-07-28
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors.
CVSS Score
7.3
EPSS Score
0.019
Published
2022-07-28