Information Exposure Vulnerability in SYNO.Personal.Profile in Synology Application Service

Information Exposure Vulnerability in SYNO.Personal.Profile in Synology Application Service

CVE-2018-13294 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Information exposure vulnerability in SYNO.Personal.Profile in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the uid parameter.

Learn more about our User Device Pen Test.