CVE-2017-11150

Published: 2017-08-14T19:29Z

Last Modified: 2024-11-21T03:07Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt