VYPR
Medium severity6.5NVD Advisory· Published Dec 8, 2017· Updated Jun 17, 2026

CVE-2017-15894

CVE-2017-15894

Description

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology DiskStation Manager (DSM) 6.0.x before 6.0.3-8754-3 and before 5.2-5967-6 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*range: >=5.2,<5.2-5967-6
    • (no CPE)range: <6.0.3-8754-3, <5.2-5967-6
    • (no CPE)range: 6.0.x before 6.0.3-8754-3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.