CVE-2017-11151

CRITICAL

Synology Photo Station < 6.7.3-3432 and 6.3-2967 - Unauthenticated Arbitrary File Upload via synotheme_upload.php


Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-11151. PoCs published by Kacper Szurek.

AI-analyzed exploit summary: This exploit chains multiple vulnerabilities in Synology Photo Station to achieve remote code execution. It involves session manipulation, arbitrary file upload, and path traversal to execute PHP code as the PhotoStation user.

Description

A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action.

Exploits (1)

Source: exploitdb · Working PoC · Verified
by Kacper Szurek · python · webapps · hardware
https://www.exploit-db.com/exploits/42434


Classification
Working PoC: 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Synology Photo Station (versions affected by CVE-2017-11155)
Authentication: No auth needed
Prerequisites: Network access to the target Synology Photo Station · Knowledge of the target IP address
Analyzed by devstral-2 on Feb 16, 2026

References (2)

Core References
Third Party Advisory, VDB Entry, exploit, x_refsource_exploit-db
https://www.exploit-db.com/exploits/42434/

Scores

CVSS v3: 9.8
EPSS: 0.2525
EPSS Percentile: 97.7%
Attack Vector: NETWORK
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-287
Status: published
Products (3):
synology/photo_station 6.3-2967
synology/photo_station < 6.7.2-3429
Synology/Synology Photo Station before 6.7.3-3432 and 6.3-2967
Published: Aug 08, 2017
Tracked Since: Feb 18, 2026