Synology-SA-19:01 Photo Station
Publish Time: 2019-01-02 11:16:52 UTC+8
Last Updated: 2019-06-30 22:56:08 UTC+8
- Severity: Important
- Status: Resolved
Abstract
These vulnerabilities allow remote attackers to execute arbitrary SQL commands and remote authenticated users to upload arbitrary files via a susceptible version of Photo Station.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| Photo Station 6.8 | Important | Upgrade to 6.8.11-3489 or above. |
| Photo Station 6.3 | Important | Upgrade to 6.3-2977 or above. |
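The fixed-release table above is the only thing an administrator needs to decide whether an installed Photo Station is still exposed, but Synology's version strings (`major.minor.patch-build` on the 6.8 line, `major.minor-build` on the 6.3 line) do not compare correctly as plain strings. The following check is an added example, not Synology's own tooling: it parses both forms, compares numerically, and answers only for the two release lines the advisory lists. The fixed versions come from the table; the function and variable names are assumptions.

```python
import re
from typing import Optional, Tuple

# Fixed releases exactly as given in the advisory's Affected Products table,
# keyed by release line.
FIXED_RELEASES = {
    "6.8": "6.8.11-3489",
    "6.3": "6.3-2977",
}

# Dotted numeric version followed by a dash and the build number.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)$")


def parse_version(version: str) -> Tuple[Tuple[int, ...], int]:
    """Split '6.8.11-3489' into ((6, 8, 11), 3489); reject anything else."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Photo Station version string: {version!r}")
    numbers = tuple(int(part) for part in m.group(1).split("."))
    build = int(m.group(2))
    return numbers, build


def _pad(numbers: Tuple[int, ...], width: int) -> Tuple[int, ...]:
    """Right-pad with zeros so (6, 3) and (6, 3, 0) compare as equal."""
    return numbers + (0,) * (width - len(numbers))


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a is older than, equal to or newer than b."""
    (na, ba), (nb, bb) = parse_version(a), parse_version(b)
    width = max(len(na), len(nb))
    key_a = (_pad(na, width), ba)
    key_b = (_pad(nb, width), bb)
    return (key_a > key_b) - (key_a < key_b)


def release_line(version: str) -> str:
    """'6.8.10-3479' -> '6.8'; '6.3-2975' -> '6.3'."""
    numbers, _ = parse_version(version)
    return ".".join(str(n) for n in numbers[:2])


def is_affected(installed: str) -> Optional[bool]:
    """True if the installed build is older than the fix for its release line,
    False if it is at or above the fix, None if the line is not in the advisory
    (no conclusion can be drawn from this advisory alone)."""
    fixed = FIXED_RELEASES.get(release_line(installed))
    if fixed is None:
        return None
    return compare_versions(installed, fixed) < 0


if __name__ == "__main__":
    # Constructed sample versions for illustration.
    for v in ("6.8.10-3479", "6.8.11-3489", "6.3-2976", "6.3-2977", "6.7-3000"):
        print(v, "->", is_affected(v))
```

A `None` result means the installed release line is not one the advisory covers; treat that as "check the current advisory list", not as "not affected".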
Mitigation
None
Detail
CVE-2019-11821
- Severity: Important
- CVSS3 Base Score: 7.3
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- SQL injection vulnerability in synophoto_csPhotoDB.php in Synology Photo Station 6.8.x before 6.8.11-3489 and 6.3.x before 6.3-2977 allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2019-11822
- Severity: Moderate
- CVSS3 Base Score: 4.3
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
- Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station 6.8.x before 6.8.11-3489 and 6.3.x before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto parameter.
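The two entries above name the script, the API and the parameters involved, which is enough for a defender to look back through web-server access logs for requests that touched them with suspicious values while the unpatched version was installed. The scanner below is an added example, not Synology's code or log format: it parses constructed lines in the common "combined" access-log format, flags a `type` value on synophoto_csPhotoDB.php that is not a plain alphanumeric token (assumed to be what legitimate values look like), and flags an `uploadphoto` value on SYNO.PhotoStation.File that contains a `..` path component after URL decoding. The request paths in the sample lines are assumptions, as are all function names.

```python
import re
from typing import Dict, List, Tuple
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined format). The paths
# /photo/include/... and /photo/webapi/... are assumed for illustration.
SAMPLE_LOG = """\
203.0.113.10 - - [02/Jan/2019:10:00:01 +0800] "GET /photo/include/synophoto_csPhotoDB.php?type=album&id=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [02/Jan/2019:10:00:02 +0800] "GET /photo/include/synophoto_csPhotoDB.php?type=album%27&id=1 HTTP/1.1" 200 9000 "-" "curl/7.64.0"
203.0.113.12 - - [02/Jan/2019:10:00:03 +0800] "POST /photo/webapi/file.php?api=SYNO.PhotoStation.File&version=1&uploadphoto=holiday%2Fimg.jpg HTTP/1.1" 200 120 "-" "Mozilla/5.0"
203.0.113.13 - - [02/Jan/2019:10:00:04 +0800] "POST /photo/webapi/file.php?api=SYNO.PhotoStation.File&version=1&uploadphoto=..%2F..%2Fsomewhere%2Fnote.txt HTTP/1.1" 200 120 "-" "python-requests/2.21"
"""

# ip, ident, user, [timestamp], "METHOD target protocol", status ...
_LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Assumption: legitimate `type` values are simple identifiers.
_SAFE_TYPE = re.compile(r"^[A-Za-z0-9_]+$")


def has_dotdot_component(value: str) -> bool:
    """True if any '/'- or '\\'-separated component of the (decoded) value is '..'."""
    # parse_qs already decoded once; unquote again to catch double encoding.
    return ".." in re.split(r"[\\/]", unquote(value))


def classify_request(target: str) -> List[Tuple[str, str, str]]:
    """Return (cve, parameter, value) findings for one request target."""
    parts = urlsplit(target)
    params = parse_qs(parts.query, keep_blank_values=True)
    findings = []
    if parts.path.endswith("/synophoto_csPhotoDB.php"):
        for value in params.get("type", []):
            if not _SAFE_TYPE.match(value):
                findings.append(("CVE-2019-11821", "type", value))
    if "SYNO.PhotoStation.File" in params.get("api", []):
        for value in params.get("uploadphoto", []):
            if has_dotdot_component(value):
                findings.append(("CVE-2019-11822", "uploadphoto", value))
    return findings


def scan_log(text: str) -> List[Dict[str, str]]:
    """Parse each line and collect findings with the client IP and timestamp."""
    hits = []
    for line in text.splitlines():
        m = _LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        for cve, param, value in classify_request(m.group("target")):
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                         "cve": cve, "param": param, "value": value})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} {hit['cve']} {hit['param']}={hit['value']!r}")
```

In practice the upload parameter travels in a POST body that ordinary access logs do not record, so the uploadphoto check only fires where the parameter appears in the request target or where a reverse proxy logs request bodies; the type check on the GET query string is the more reliable of the two. Either hit is a reason to confirm the installed version against the table above rather than proof of compromise.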
Acknowledgement
Independent security researcher, MengHuan Yu, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2019-01-02 | Initial public release. |
| 2 | 2019-06-30 | Disclosed vulnerability details. |