Synology-SA-19:01 Photo Station
Publish Time: 2019-01-02 11:16:52 UTC+8
Last Updated: 2019-06-30 22:56:08 UTC+8
- Severity
- Important
- Status
- Resolved
Abstract
These vulnerabilities allow remote attackers to execute arbitrary SQL commands and remote authenticated users to upload arbitrary files via a susceptible version of Photo Station.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| Photo Station 6.8 | Important | Upgrade to 6.8.11-3489 or above. |
| Photo Station 6.3 | Important | Upgrade to 6.3-2977 or above. |
Mitigation
None
Detail
CVE-2019-11821
- Severity: Important
- CVSS3 Base Score: 7.3
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- SQL injection vulnerability in synophoto_csPhotoDB.php in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to execute arbitrary SQL command via the type parameter.
CVE-2019-11822
- Severity: Moderate
- CVSS3 Base Score: 4.3
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
- Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto parameter.
Acknowledgement
Independent security researcher, MengHuan Yu, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2019-01-02 | Initial public release. |
| 2 | 2019-06-30 | Disclosed vulnerability details. |