VYPR
High severity7.8NVD Advisory· Published Aug 23, 2017· Updated Jun 17, 2026

CVE-2017-11159

CVE-2017-11159

Description

Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:synology:photo_station_uploader:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:synology:photo_station_uploader:*:*:*:*:*:*:*:*range: <=1.4.1-083
    • (no CPE)range: <1.4.2-084
  • Range: before 1.4.2-084

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.