Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Synology Storage Analyzer 路径遍历漏洞
Vulnerability Description
Synology Storage Analyzer是中国Synology公司的一个存储分析器。可让您快速浏览 Synology NAS 的整体使用趋势,创建和管理任务以分析存储空间,并生成有关卷使用情况的详细报告。 Synology Storage Analyzer 2.1.0-0390之前版本存在路径遍历漏洞,该漏洞源于对受限目录的路径名的不当限制,攻击者可以利用该漏洞通过未指定的向量删除任意文件。
CVSS Information
N/A
Vulnerability Type
N/A