CVE-2016-10331
HIGHSynology Photo Station < 6.5.3-3226 - Path Traversal via Download ID Parameter
Title source: llmDescription
Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.
References (2)
Core 2
Core References
Release Notes x_refsource_confirm
https://www.synology.com/en-global/support/security/Photo_Station_6_5_3_3226
Exploit, Third Party Advisory x_refsource_misc
https://bamboofox.github.io/2017/03/20/Synology-Bug-Bounty-2016/#Vul-06-Local-File-Inclusion
Scores
CVSS v3
7.5
EPSS
0.0039
EPSS Percentile
60.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (2)
synology/photo_station
< 6.5.2-3225
Synology/Synology Photo Station
All versions prior to version 6.5.3-3226
Published
May 12, 2017
Tracked Since
Feb 18, 2026