6.5
CVE-2024-47265
- EPSS 0.09%
- Veröffentlicht 13.02.2025 07:15:10
- Zuletzt bearbeitet 26.02.2026 21:17:10
- Quelle security@synology.com
- CVE-Watchlists
- Unerledigt
LoginImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vectors.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Synology ≫ Active Backup For Business Agent Version < 2.7.1-13234
Synology ≫ Active Backup For Business Agent Version < 2.7.1-3234
Synology ≫ Active Backup For Business Agent Version < 2.7.1-23234
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.267 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@synology.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
CWE-73 External Control of File Name or Path
The product allows user input to control or influence paths or file names that are used in filesystem operations.