PT-2023-18923 · Synology · Music Station

Erik De Jong

Publicado

2023-10-06

Atualizado

2023-10-10

CVE-2023-23365

CVSS v3.1

7.7

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Music Station versions prior to 5.3.22

Description A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.

Recommendations For Music Station versions prior to 5.3.22, update to version 5.3.22 or later to resolve the issue.

Correção

Files Accessible to External Parties

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-552CWE-22

Identificadores relacionados

CVE-2023-23365

Produtos afetados

Music Station

PT-2023-18923 · Synology · Music Station

CVE-2023-23365

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7