CVE-2018-13286

Incorrect default permissions vulnerability in synouser.conf in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.

Link	Resource
https://www.synology.com/security/advisory/Synology_SA_18_33	Vendor Advisory

Configuration 1

cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*

---

Published : 2019-04-01 03:29

Updated : 2019-10-09 11:34

---

NVD link : CVE-2018-13286

Mitre link : CVE-2018-13286

No products.

CWE-276

Incorrect Default Permissions