CVE-2017-11156

HIGH

Synology Download Station 3.x < 3.5-2984 & 3.8.x < 3.8.5-3475 - Authenticated RCE via Weak Permissions

Title source: llm

Description

Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.synology.com/en-global/support/security/Synology_SA_17_28_Download_Station

Scores

CVSS v3 7.8

EPSS 0.0221

EPSS Percentile 80.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-276 CWE-732

Status published

Products (34)

synology/download_station 3.2-2295

synology/download_station 3.3-2382

synology/download_station 3.3-2383

synology/download_station 3.3-2386

synology/download_station 3.4-2477

synology/download_station 3.4-2478

synology/download_station 3.4-2480

synology/download_station 3.4-2485

synology/download_station 3.4-2486

synology/download_station 3.4-2489

... and 24 more

Published Aug 14, 2017

Tracked Since Feb 18, 2026