An information exposure vulnerability in default HTTP configuration file in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain sensitive system information via .htaccess file.
References
Link | Resource |
---|---|
https://www.synology.com/en-global/support/security/Synology_SA_17_63_Photo_Station | Vendor Advisory |
Information
Published : 2017-12-04 11:29
Updated : 2019-10-09 16:22
NVD link : CVE-2017-12080
Mitre link : CVE-2017-12080
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
synology
- photo_station