CVE-2017-11157CVE-2017-11157

Affected configuration(s):

cpe:/a:synology:cloud_station_backup:4.2.4-4393

Date published: 2017-08-30T16:29:00.257-04:00

Date last modified: 2017-09-05T08:57:21.577-04:00

CVSS Score: 4.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: https://www.synology.com/en-global/support/security/Synology_SA_17_50_Cloud_Station_Backup

Summary: Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.