Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Missing authorization vulnerability in GetLiveViewPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
Synology Surveillance Station 安全漏洞
Vulnerability Description
Synology Surveillance Station是中国群晖科技(Synology)公司的一个应用程序。提供智能监控和视频管理工具来保护您的宝贵资产。 Synology Surveillance Station 9.2.0-11289 版本之前存在安全漏洞,该漏洞源于 webapi 组件的 GetLiveViewPath 方法存在缺少授权检查。经过身份验证的远程攻击者通过该漏洞可以获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A