CVE-2017-11157
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-11157
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Synology Cloud Station Backup for Windows 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Synology Cloud Station Backup for Windows是群晖科技(Synology)公司的一款基于Windows的应用程序,可用于备份电脑资料。 基于Windows平台的Synology Cloud Station Backup 4.2.5-4396之前的版本中安装程序存在不可信的搜索路径漏洞。本地攻击者可借助当前工作目录下的恶意文件利用该漏洞执行任意代码或实施DLL劫持攻击。(恶意文件包括:(1) shfolder.dll、(2) ntmarta.dll、(3) secur3
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2017-11157
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-11157
请登录查看更多情报信息。
Same Patch Batch · n/a · 2017-08-30 · 39 CVEs total
| CVE-2017-13768 | ImageMagick 代码问题漏洞 | |
| CVE-2017-13780 | EyesOfNetwork web interface 路径遍历漏洞 | |
| CVE-2016-10504 | OpenJPEG 缓冲区错误漏洞 | |
| CVE-2016-10505 | OpenJPEG 代码问题漏洞 | |
| CVE-2016-10506 | OpenJPEG 数字错误漏洞 | |
| CVE-2016-10507 | OpenJPEG 数字错误漏洞 | |
| CVE-2017-13764 | Wireshark Modbu解析器安全漏洞 | |
| CVE-2017-13765 | Wireshark IrCOMM解析器缓冲区错误漏洞 | |
| CVE-2017-13766 | Wireshark Profinet I/O解析器安全漏洞 | |
| CVE-2017-13767 | Wireshark MSDP解析器资源管理错误漏洞 | |
| CVE-2017-12717 | Advantech WebAccess 安全漏洞 | |
| CVE-2017-13769 | ImageMagick 安全漏洞 | |
| CVE-2017-13774 | Hikvision iVMS-4200 安全漏洞 | |
| CVE-2017-13775 | GraphicsMagick 安全漏洞 | |
| CVE-2017-13776 | GraphicsMagick 安全漏洞 | |
| CVE-2017-13777 | GraphicsMagick 安全漏洞 | |
| CVE-2017-13778 | Fiyo CMS 跨站脚本漏洞 | |
| CVE-2017-13762 | ONOS 跨站脚本漏洞 | |
| CVE-2017-13763 | ONOS 资源管理错误漏洞 | |
| CVE-2017-9945 | Siemens 7KM PAC Switched Ethernet PROFINET扩展模块输入验证漏洞 |
Showing top 20 of 39 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2017-11157
No comments yet