Medium severity4.1NVD Advisory· Published Jun 3, 2026· Updated Jun 5, 2026
CVE-2024-47263
CVE-2024-47263
Description
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive information via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:synology:hyper_backup:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:synology:hyper_backup:*:*:*:*:*:*:*:*range: <4.1.2-4036
- (no CPE)range: <4.1.2-4036
Patches
Vulnerability mechanics
References
1- www.synology.com/en-global/releaseNote/HyperBackupnvdRelease Notes
News mentions
1- Synology: Five Vulnerabilities Disclosed, Including Two High-Severity Code Execution FlawsVypr Intelligence · Jun 3, 2026