Vulnerabilities > CVE-2022-22685 - Unspecified vulnerability in Synology Webdav Server

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

synology

NVD

Published: 2022-07-28

Updated: 2024-11-21

Summary

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Synology Synology Webdav Server *	1

References

https://www.synology.com/security/advisory/Synology_SA_21_09
https://www.synology.com/security/advisory/Synology_SA_21_09