Vulnerabilities > Synology > Photo Station > 6.5.3.3226

DATE CVE VULNERABILITY TITLE RISK
2017-08-08 CVE-2017-11151 Improper Authentication vulnerability in Synology Photo Station
A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action.
network
low complexity
synology CWE-287
critical
 9.8
9.8
2017-06-13 CVE-2017-9552 Improper Authentication vulnerability in Synology Photo Station
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline.
local
low complexity
synology CWE-287
7.8
7.8