CVE-2024-47263

MEDIUM NVD

CVSS Score 4.1

Severity MEDIUM

Published Jun 03, 2026

Vendor unknown

Description

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive information via unspecified vectors.

References

https://www.synology.com/en-global/releaseNote/HyperBackup?model=DS224%2B&os=DSM&version=7_x_series