VYPR
High severity7.8NVD Advisory· Published Aug 31, 2017· Updated Jun 17, 2026

CVE-2017-11158

CVE-2017-11158

Description

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:synology:cloud_station_drive:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:synology:cloud_station_drive:*:*:*:*:*:*:*:*range: <=4.2.4-4393
    • (no CPE)range: <4.2.5-4396
    • (no CPE)range: before 4.2.5-4396

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.