← volver
CVE-2023-0142

CVE-2023-0142

CVSS 6.5 MEDIUMEPSS 0.9%CWE-427
Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Productos afectados
Synology · DiskStation Manager (DSM)Synology · Synology Router Manager (SRM)Synology · Unified Controller (DSMUC)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.synology.com/en-global/security/advisory/Synology_SA_23_05https://www.synology.com/en-global/security/advisory/Synology_SA_23_06