CVE-2021-29092 is a vulnerability in Synology Photo Station
Published on June 1, 2021
Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Vulnerability Analysis
CVE-2021-29092 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is an Unrestricted File Upload Vulnerability?
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
CVE-2021-29092 has been classified to as an Unrestricted File Upload vulnerability or weakness.
Products Associated with CVE-2021-29092
Want to know whenever a new CVE is published for Synology Photo Station? stack.watch will email you.
Affected Versions
Synology Photo Station:- Version unspecified and below 6.8.14-3500 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.