File Station

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:synology:file_station:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorSynology (65464e9b-7339-559d-9719-837f074e0220)
ProductFile Station (7225b643-da49-556b-97a7-8a3b92ee3d9e)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2018-8923 vulnerable 2026-06-03 14:39:09.575976 Details available
MEDIUM (6.5)
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.
Published: 2018-06-05T14:00:00.000Z
Updated: 2024-09-16T22:03:41.521Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-13288 vulnerable 2026-06-03 14:38:10.412215 Details available
MEDIUM (5.3)
Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.
Published: 2019-04-01T14:27:25.734Z
Updated: 2024-09-17T00:07:02.059Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-15893 vulnerable 2026-06-03 14:36:47.105248 Details available
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.
Published: 2017-12-08T16:00:00.000Z
Updated: 2024-09-17T02:16:52.281Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.