Vulnerabilities > Synology

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-12	CVE-2016-10330	Path Traversal vulnerability in Synology Photo Station Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors. local low complexity synology CWE-22	7.1
2017-05-12	CVE-2016-10329	Command Injection vulnerability in Synology Photo Station Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header. network low complexity synology CWE-77 critical	9.8
2017-04-10	CVE-2016-10323	Permissions, Privileges, and Access Controls vulnerability in Synology Photo Station Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. local low complexity synology CWE-264	7.8
2017-04-10	CVE-2016-10322	Command Injection vulnerability in Synology Photo Station Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. network low complexity synology CWE-77	8.8

Vulnerabilities > Synology {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Synology"}]}