Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
相对路径遍历
Vulnerability Title
Synology Moments 路径遍历漏洞
Vulnerability Description
Synology Moments是中国台湾群晖科技(Synology)公司的一款图像和视频分类管理应用程序。改程序能够识别照片中的人物、主题和地点等,通过图像识别技术自动分类。 Synology Moments 1.3.0-0691之前版本中的SYNO.PhotoTeam.Upload.Item存在路径遍历漏洞。该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。
CVSS Information
N/A
Vulnerability Type
N/A