VYPR
High severity7.5NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026

CVE-2016-10331

CVE-2016-10331

Description

Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*range: <=6.5.2-3225
    • (no CPE)range: <6.5.3-3226
    • (no CPE)range: All versions prior to version 6.5.3-3226

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.