PT-2025-49039 · Synology · Synology Beedrive
Zhao Runzi
·
Published
2025-12-04
·
Updated
2026-02-04
·
CVE-2025-54160
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Synology BeeDrive for desktop versions prior to 1.4.2-13960
Description
A path traversal issue exists in BeeDrive. This allows local users to potentially execute arbitrary code. The issue is due to insufficient restriction of file paths. The vulnerability affects the desktop application.
Recommendations
Update Synology BeeDrive for desktop to version 1.4.2-13960 or later.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Synology Beedrive