VYPR
High severity7.2NVD Advisory· Published Aug 8, 2017· Updated Jun 17, 2026

CVE-2017-11154

CVE-2017-11154

Description

Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*range: <=6.7.2-3429
    • cpe:2.3:a:synology:photo_station:6.3-2967:*:*:*:*:*:*:*
    • (no CPE)range: <6.7.3-3432, <6.3-2967
    • (no CPE)range: before 6.7.3-3432 and 6.3-2967

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.