CVE-2017-11157

Name of the Vulnerable Software and Affected Versions Synology Cloud Station Backup versions prior to 4.2.5-4396

Description The issue allows local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse file in the current working directory, specifically targeting shfolder.dll, ntmarta.dll, secur32.dll, or dwmapi.dll files.

Recommendations For versions prior to 4.2.5-4396, update to version 4.2.5-4396 or later to resolve the issue. As a temporary workaround, consider restricting access to the installer to minimize the risk of exploitation. Avoid placing untrusted files in the current working directory, especially those with names similar to shfolder.dll, ntmarta.dll, secur32.dll, or dwmapi.dll, until the issue is resolved.