CVE-2024-10443
CVSS V2 None
CVSS V3 None
Description
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors.
Overview
- CVE ID
- CVE-2024-10443
- Assigner
- synology
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-15T10:23:51.233Z
- Last Modified Date
- 2024-11-15T17:42:41.931Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_24_18 | vendor-advisory |
| https://www.synology.com/en-global/security/advisory/Synology_SA_24_19 | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-10443 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10443 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-16 13:21:52 | Added to TrackCVE |