CVE-2016-10330Path Traversal in Synology Photo Station

CWE-22Path Traversal3 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.1%
top 83.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Synology Photo StationSynology Photo Station
Timeline
PublishedMay 12
Latest updateMay 13

Description

Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.8 | Impact: 5.2

Affected Packages2 packages

NVDsynology/photo_station6.5.2-3225
CVEListV5synology/synology_photo_stationAll versions prior to version 6.5.3-3226

🔴Vulnerability Details

2
GHSA
GHSA-hxjj-5w2h-x8fg: Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 62022-05-13
CVEList
CVE-2016-10330: Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 62017-05-12
CVE-2016-10330 — Path Traversal in Synology | cvebase