### Key Information

**Vulnerability Details**

- **CVE IDs**:
  - CVE-2017-11151
  - CVE-2017-11152
  - CVE-2017-11153
  - CVE-2017-11154
  - CVE-2017-11155
- **Severity**: Critical
- **Status**: Resolved

**Affected Products and Versions**

- **Product**: Photo Station
- **Affected Versions**: Before 6.7.3-3432 and 6.3-2967

**Vulnerability Descriptions**

- **CVE-2017-11151**: Unauthenticated remote attackers can exploit `synotheme_upload.php` to upload arbitrary files.
- **CVE-2017-11152**: A directory traversal vulnerability in `PixlrEditorHandler.php` allows remote attackers to write arbitrary files via the `path` parameter.
- **CVE-2017-11153**: A deserialization vulnerability in `synophoto_csPhotoMisc.php` allows remote attackers to gain administrator privileges using a crafted serialized payload.
- **CVE-2017-11154**: An unrestricted file upload vulnerability in `PixlrEditorHandler.php` allows remote attackers to create arbitrary PHP scripts via the `type` parameter.
- **CVE-2017-11155**: An information disclosure vulnerability in `index.php` allows remote attackers to obtain sensitive system information through unspecified vectors.

**Mitigation**

- No direct mitigations available

**Update Availability**

- Go to DSM > Package Center and update Photo Station to version 6.7.3-3432 or later (for DSM 5.2 users, update to 6.3-2967 or later) to resolve the security issues.
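
An added example, not part of the advisory or Synology's own tooling: a Python triage that checks Photo Station version strings against the two fixed releases named above. The inventory and host names are constructed, and treating every 6.3.x version as the DSM 5.2 branch is an assumption.

```python
import re

# Fixed releases as stated in the advisory.
FIXED_MAIN = ((6, 7, 3), 3432)   # 6.7.3-3432
FIXED_DSM52 = ((6, 3), 2967)     # 6.3-2967 (DSM 5.2 users)

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)$")


def parse_version(text):
    """Split 'X.Y[.Z]-BUILD' into ((X, Y, Z), BUILD); raise ValueError otherwise."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised Photo Station version: {text!r}")
    parts = tuple(int(p) for p in match.group(1).split("."))
    return parts, int(match.group(2))


def is_patched(version_text):
    """True if the version is at or past the fixed release for its branch."""
    parts, build = parse_version(version_text)
    # Assumption: any 6.3.x release belongs to the DSM 5.2 branch.
    if parts[:2] == (6, 3):
        return (parts, build) >= FIXED_DSM52
    # Everything else, including branches older than 6.3, needs 6.7.3-3432.
    return (parts, build) >= FIXED_MAIN


def triage(inventory):
    """Map each host to 'patched', 'vulnerable' or 'unknown' (unparseable)."""
    result = {}
    for host, version_text in inventory.items():
        try:
            result[host] = "patched" if is_patched(version_text) else "vulnerable"
        except ValueError:
            result[host] = "unknown"
    return result


# Constructed inventory: host names and version strings are made up.
SAMPLE_INVENTORY = {
    "nas-01": "6.7.3-3432",
    "nas-02": "6.7.2-3429",
    "nas-03": "6.3-2965",
    "nas-04": "6.3-2967",
    "nas-05": "not installed",
}

if __name__ == "__main__":
    for host, state in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {state}")
```

Hosts reported as `unknown` should be checked by hand in Package Center rather than assumed safe.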