Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

File Station

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2018-13288
Assigner-Synology Inc.
ShareView Details
Assigner-Synology Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.36% / 57.55%
||
7 Day CHG~0.00%
Published-01 Apr, 2019 | 14:27
Updated-17 Sep, 2024 | 00:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.

Action-Not Available
Vendor-Synology, Inc.
Product-file_stationFile Station
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-8923
Assigner-Synology Inc.
ShareView Details
Assigner-Synology Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.77%
||
7 Day CHG~0.00%
Published-05 Jun, 2018 | 14:00
Updated-16 Sep, 2024 | 22:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

Action-Not Available
Vendor-Synology, Inc.
Product-file_stationFile Station
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')