PT-2018-18723 · Synology · Synology Photo Station
Thomas Fady · Published 2018-06-08 · Updated 2019-10-09
CVE-2018-8925
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Synology Photo Station versions prior to 6.8.5-3471
Synology Photo Station versions prior to 6.3-2975
Description
A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators via the username, password, admin, action, uid, or modify admin parameter.
Recommendations
For Synology Photo Station versions prior to 6.8.5-3471, update to version 6.8.5-3471 or later.
For Synology Photo Station versions prior to 6.3-2975, update to version 6.3-2975 or later.
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Synology Photo Station