Description
Server-Side request forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.15-3563 allows remote authenticated users to read arbitrary files via unspecified vectors.
References
https://www.synology.com/security/advisory/Synology_SA_20_23
Vendor Advisory
https://www.synology.com/security/advisory/Synology_SA_20_23
Vendor Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.7 · High
Information
Source identifier
Vulnerability status
Modified
Published
2021-06-01T12:15:10.220Z
4 years agoLast modified
2024-11-21T05:08:28.370Z
1 year ago