| |
Vulnerability CVE-2022-27617
Published: 2022-08-03
Description: |
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to download arbitrary files via unspecified vectors. |
Type:
CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
References: |
https://www.synology.com/security/advisory/Synology_SA_20_07
|
|
|
Copyright 2024, cxsecurity.com
|
|
|