High severity7.8NVD Advisory· Published Aug 31, 2017· Updated Jun 17, 2026
CVE-2017-11158
CVE-2017-11158
Description
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:synology:cloud_station_drive:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:synology:cloud_station_drive:*:*:*:*:*:*:*:*range: <=4.2.4-4393
- (no CPE)range: <4.2.5-4396
- (no CPE)range: before 4.2.5-4396
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.