CVE-2024-11399

Description

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors.

PUBLISHED Reserved 2024-11-19 | Published 2026-05-27 | Updated 2026-05-27 | Assigner synology

Problem types

Files or Directories Accessible to External Parties

Product status

Credits

Bocheng Xiang with FDU(@crispr) finder

References

www.synology.com/...obal/security/advisory/Synology_SA_24_26 (Synology-SA-24:26 BeeDrive for desktop) vendor-advisory

cve.org (CVE-2024-11399)

nvd.nist.gov (CVE-2024-11399)

Download JSON