Synology-SA-19:01 Photo Station
Publish Time: 2019-01-02 11:16:52 UTC+8
Last Updated: 2019-01-02 11:16:52 UTC+8
These vulnerabilities allow remote attackers to execute arbitrary SQL commands and remote authenticated users to upload arbitrary files via a susceptible version of Photo Station.
|Product||Severity||Fixed Release Availability|
|Photo Station 6.8||Important||Upgrade to 6.8.11-3489 or above.|
|Photo Station 6.3||Important||Upgrade to 6.3-2977 or above.|
Independent security researcher, MengHuan Yu, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
|1||2019-01-02||Initial public release.|