Command Injection Vulnerability in Synology Diskstation Manager (DSM) FTP Server

Command Injection Vulnerability in Synology Diskstation Manager (DSM) FTP Server

CVE-2018-13284 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.

Learn more about our User Device Pen Test.