Incorrect default permissions vulnerability in synouser.conf in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.
During installation, installed file permissions are set to allow anyone to modify those files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Diskstation_manager | Synology | 5.2 (including) | 5.2-5967-8 (excluding) |
Diskstation_manager | Synology | 6.0 (including) | 6.0.3-8754-8 (excluding) |
Diskstation_manager | Synology | 6.1 (including) | 6.1.7-15284-1 (excluding) |
Diskstation_manager | Synology | 6.2 (including) | 6.2-23739-1 (excluding) |