High severity7.8NVD Advisory· Published Aug 30, 2017· Updated Jun 17, 2026
CVE-2017-11157
CVE-2017-11157
Description
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:synology:cloud_station_backup:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:synology:cloud_station_backup:*:*:*:*:*:*:*:*range: <=4.2.4-4393
- (no CPE)range: <4.2.5-4396
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.