Command Injection Vulnerability in Synology Router Manager (SRM) FTP Server

Command Injection Vulnerability in Synology Router Manager (SRM) FTP Server

CVE-2018-13285 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.

Learn more about our User Device Pen Test.