CVE-2018-8925 is a vulnerability in Synology Photo Station
Published on June 8, 2018

Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the (1) username, (2) password, (3) admin, (4) action, (5) uid, or (6) modify_admin parameter.

NVD

Products Associated with CVE-2018-8925

Want to know whenever a new CVE is published for Synology Photo Station? stack.watch will email you.

Synology Photo Station

Affected Versions

Synology Photo Station:

Version unspecified and below 6.8.5-3471 is affected.
Version unspecified and below 6.3-2975 is affected.

Exploit Probability

EPSS

0.14%

Percentile

33.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-8925 is a vulnerability in Synology Photo StationPublished on June 8, 2018

Products Associated with CVE-2018-8925

Affected Versions

Exploit Probability

CVE-2018-8925 is a vulnerability in Synology Photo Station
Published on June 8, 2018