CVE-2018-13297

Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.

References

https://www.synology.com/security/advisory/Synology_SA_18_50