cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-47266,https://securityvulnerability.io/vulnerability/CVE-2024-47266,Path Traversal in Synology Active Backup for Business Affects User Data Access,"A Path Traversal vulnerability in Synology's Active Backup for Business allows remote authenticated users with administrator privileges to access certain files that should be restricted. This flaw exists in the share file list functionality and may let users read non-sensitive information through unspecified methods, posing a risk to data integrity and confidentiality.",Synology,Active Backup For Business,2.7,LOW,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-13T06:26:06.229Z,0
CVE-2024-47265,https://securityvulnerability.io/vulnerability/CVE-2024-47265,Path Traversal Vulnerability in Synology Active Backup for Business,"This vulnerability involves improper limitation of a pathname to a restricted directory in the encrypted share umount functionality of Synology Active Backup for Business. It allows remote authenticated users to write specific files, potentially compromising the security of sensitive data. Users running versions prior to 2.7.1-13234, 2.7.1-23234, and 2.7.1-3234 should take immediate action to secure their systems.",Synology,Active Backup For Business,6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-13T06:25:55.487Z,0
CVE-2024-47264,https://securityvulnerability.io/vulnerability/CVE-2024-47264,Path Traversal Vulnerability in Synology Active Backup for Business,"A path traversal vulnerability in Synology Active Backup for Business allows remote authenticated users with admin privileges to navigate and manipulate the file directory structure. This issue could lead to the unauthorized deletion of arbitrary files, posing significant risks to data integrity and operational functionalities. It is crucial for organizations using affected versions to implement the latest security patches and monitor for any suspicious activities related to unauthorized file access.",Synology,Active Backup For Business,4.9,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-13T06:25:31.750Z,0
CVE-2023-52949,https://securityvulnerability.io/vulnerability/CVE-2023-52949,Synology Active Backup for Business vulnerability exposed local users' credentials,Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.,Synology,Synology Active Backup For Business Agent,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-26T03:42:35.862Z,0
CVE-2023-52948,https://securityvulnerability.io/vulnerability/CVE-2023-52948,Missing Encryption of Sensitive Data in Synology Active Backup for Business Agent Could Lead to User Credentials Theft,Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.,Synology,Synology Active Backup For Business Agent,5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-26T03:41:55.659Z,0
CVE-2023-52947,https://securityvulnerability.io/vulnerability/CVE-2023-52947,"Local Users Can Logout Client Via Unspecified Vectors, Backup Functionality Unaffected",Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout.,Synology,Synology Active Backup For Business Agent,3.3,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-26T03:41:03.462Z,0
CVE-2023-52950,https://securityvulnerability.io/vulnerability/CVE-2023-52950,Man-in-the-Middle Attack on Synology Active Backup for Business Lets Hackers Access User Credentials,Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors.,Synology,Synology Active Backup For Business Agent,5.3,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-09-26T03:40:25.753Z,0