Remote File Deletion Vulnerability in Synology Router Manager (SRM)
CVE-2024-11398

Currently unrated

Key Information:

Vendor: Synology
Vendor: CVE Published:; 4 December 2024

Summary

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in OTP reset functionality in Synology Router Manager (SRM) before 1.3.1-9346-9 allows remote authenticated users to delete arbitrary files via unspecified vectors.

References

https://www.synology.com/en-global/security/advisory/Syno...

Timeline

Vulnerability published
Dec 4, 2024

Collectors

NVD Database