File and Directory Information Exposure Vulnerability in Synology Surveillance Station

File and Directory Information Exposure Vulnerability in Synology Surveillance Station

CVE-2017-16770 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

File and directory information exposure vulnerability in SYNO.SurveillanceStation.PersonalSettings.Photo in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to obtain other user's sensitive files via the filename parameter.

Learn more about our User Device Pen Test.