Bypassing Directory Permission Checks in Synology Universal Search Highlight Preview

Bypassing Directory Permission Checks in Synology Universal Search Highlight Preview

CVE-2017-16773 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode.

Learn more about our User Device Pen Test.