Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Synology USB Copy 路径遍历漏洞
Vulnerability Description
Synology USB Copy是中国Synology公司的可帮助您在 Synology NAS 和外部 USB/SD 存储设备之间复制文件。 Synology USB Copy 2.2.0-1086之前版本存在路径遍历漏洞,该漏洞源于对webapi 组件中受限目录的路径名的不当限制,攻击者可以利用该漏洞读取或写入任意文件。
CVSS Information
N/A
Vulnerability Type
N/A