CVE-2021-29092: Malicious File Upload
First published: Tue Jun 01 2021(Updated: )
Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Credit: security@synology.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Synology Photo Station | >=6.8<6.8.14-3500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-29092?
CVE-2021-29092 is a vulnerability that allows remote authenticated users to execute arbitrary code via unspecified vectors in Synology Photo Station before version 6.8.14-3500.
How severe is CVE-2021-29092?
CVE-2021-29092 has a severity rating of 8.8 (high).
How does CVE-2021-29092 affect Synology Photo Station?
CVE-2021-29092 affects Synology Photo Station before version 6.8.14-3500 by allowing remote authenticated users to execute arbitrary code via unspecified vectors.
How can the unrestricted upload of file with dangerous type vulnerability be exploited?
The unrestricted upload of file with dangerous type vulnerability in Synology Photo Station before version 6.8.14-3500 can be exploited by remote authenticated users to execute arbitrary code through unspecified vectors.
Is there a fix for CVE-2021-29092?
Yes, the fix for CVE-2021-29092 is to update Synology Photo Station to version 6.8.14-3500 or later.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/synology
- canonical/synology photo station
- version/synology photo station/6.8