Arbitrary File Write Vulnerability in Synology DNS Server

Arbitrary File Write Vulnerability in Synology DNS Server

CVE-2017-12074 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.

Learn more about our Cis Benchmark Audit For Server Software.