NotCVE - vendor:"Synology" product:"Photo Station" version:"6.6.0-3339"

Page 3 of 21 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

CVE-2017-9552

https://notcve.org/view.php?id=CVE-2017-9552

13 Jun 2017 — A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline". Un fallo de diseño en la autenticación en Synology Photo Station de la versión 6.0-2528 a la 6.7.1-3419 permite que usuarios locales obtengan cr... • http://blog.crozat.net/2017/06/synology-photostation-password-vulnerabilty.html • CWE-287: Improper Authentication CWE-522: Insufficiently Protected Credentials •

1 2 3