Affected configuration(s):


Date published: 2017-08-30T16:29:00.257-04:00

Date last modified: 2017-09-05T08:57:21.577-04:00

CVSS Score: 4.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL:

Summary: Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.