CVE-2024-11398

CVSS V2 None CVSS V3 None
Description
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in OTP reset functionality in Synology Router Manager (SRM) before 1.3.1-9346-9 allows remote authenticated users to delete arbitrary files via unspecified vectors.
Overview
  • CVE ID
  • CVE-2024-11398
  • Assigner
  • synology
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-04T06:59:56.673Z
  • Last Modified Date
  • 2024-12-04T14:09:11.756Z
References
Reference URL Reference Tags
https://www.synology.com/en-global/security/advisory/Synology_SA_24_03 vendor-advisory
History
Created Old Value New Value Data Type Notes
2024-12-05 13:18:37 Added to TrackCVE