Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
unknown-o download-station index.php path traversal
Vulnerability Description
A vulnerability, which was classified as critical, has been found in unknown-o download-station up to 1.1.8. This issue affects some unknown processing of the file index.php. The manipulation of the argument f leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250121 was assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
路径遍历:’../filedir’
Vulnerability Title
download-station 安全漏洞
Vulnerability Description
Synology Download Station是中国群晖科技(Synology)公司的一款浏览器扩展。可以在不访问 群晖 网页版本的情况下,浏览下载中心套件的正在下载与已下载任务,还可以添加任务。 download-station 1.1.8版本存在安全漏洞,该漏洞源于文件index.php的参数f会导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A