Vulnerability Note VU#615910
Synology DiskStation Manager arbitrary file modification
Synology DiskStation Manager versions 4.3-3776-3 and below contain a vulnerability that allows a remote unauthenticated user to append arbitrary data to an arbitrary file under root privileges.
CWE-284: Improper Access Control - CVE-2013-6955
Synology DiskStation Manager versions 4.3-3776-3 and below allow a remote unauthenticated user to append arbitrary data to files on the system under root privileges. According to Synology:
To exploit this vulnerability, an attacker needs to send a specially crafted HTTP POST request to /webman/imageSelector.cgi containing the header fields X-TYPE-NAME: SLICEUPLOAD and X-TMP-FILE with the valid path of the file to append malicious code or data.
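As an added example (not part of the CERT/CC note or of Synology's software), the following Python check flags requests that match the trigger conditions just described, for use in a reverse proxy hook or access-log review. The request parser and the sample requests are constructed here, and the X-TMP-FILE path is a placeholder, not a real target.

```python
from typing import Optional

# Request path and header names are taken from the vulnerability note above.
TARGET_PATH = "/webman/imageSelector.cgi"

def parse_request(raw: str) -> tuple[str, str, dict]:
    """Split a raw HTTP/1.x request into (method, path without query, headers).
    Header names are lower-cased so matching is case-insensitive."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method, target = lines[0].split(" ")[:2]
    headers = {}
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return method.upper(), target.split("?", 1)[0], headers

def flag_vu615910(raw: str) -> Optional[str]:
    """Return a short reason when the request matches the conditions in the note
    (POST to imageSelector.cgi carrying X-TYPE-NAME: SLICEUPLOAD together with an
    X-TMP-FILE header), otherwise None."""
    method, path, headers = parse_request(raw)
    if method != "POST" or path != TARGET_PATH:
        return None
    if headers.get("x-type-name", "").upper() != "SLICEUPLOAD":
        return None
    tmp_file = headers.get("x-tmp-file")
    if tmp_file is None:
        return None
    return f"SLICEUPLOAD to {TARGET_PATH} with X-TMP-FILE={tmp_file!r}"

# Constructed sample requests (not captured traffic); the file path is a placeholder.
SUSPICIOUS = ("POST /webman/imageSelector.cgi HTTP/1.1\r\n"
              "Host: nas.example\r\n"
              "x-type-name: sliceupload\r\n"
              "X-TMP-FILE: /PLACEHOLDER/target/file\r\n"
              "Content-Length: 0\r\n\r\n")
BENIGN = ("GET /webman/index.cgi HTTP/1.1\r\n"
          "Host: nas.example\r\n\r\n")

if __name__ == "__main__":
    for name, req in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, "->", flag_vu615910(req))
```

The check is deliberately strict (both headers must be present); a deployment that also reviews any SLICEUPLOAD request to this CGI from an unauthenticated session will catch more variants at the cost of more review work.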
A remote unauthenticated attacker may be able to execute arbitrary code on the system under root privileges.
Apply an Update
Vendor Information
|Vendor|Status|Date Notified|Date Updated|
|Synology|Affected|08 Nov 2013|19 Dec 2013|
CVSS Metrics
Thanks to Markus Wulftange for reporting this vulnerability.
This document was written by Todd Lewellen.
- CVE IDs: CVE-2013-6955
- Date Public: 07 Jan 2014
- Date First Published: 07 Jan 2014
- Date Last Updated: 07 Jan 2014
- Document Revision: 14