VYPR
Medium severity6.5NVD Advisory· Published Dec 22, 2017· Updated Jun 17, 2026

CVE-2017-16766

CVE-2017-16766

Description

An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*range: >=6.0.0,<6.0.3-8754-6
    • cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*range: >=6.1.0,<6.1.4-15217
    • (no CPE)range: <6.1.4-15217, <6.0.3-8754-6
    • (no CPE)range: before 6.1.4-15217

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.