CVE-2017-11162

Description

Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors.

Affected products

• Synology / Synology Photo Stationbefore 6.7.4-3433 and 6.3-2968 – before 6.7.4-3433 and 6.3-2968

References

• MISChttps://www.synology.com/en-global/support/security/Synology_SA_17_35_PhotoStation