cbcvebase.

Flexense Diskboss vulnerabilities

8 known vulnerabilities affecting flexense/diskboss.

Total CVEs
8
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH6MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2018-5262P2CRITICALCVSS 9.8PoC≤ 8.8.162018-01-12
CVE-2018-5262 [CRITICAL] CWE-787 CVE-2018-5262: A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context of a highly privileged account.
nvd
CVE-2017-7310P2HIGHCVSS 7.8PoCv7.8.162017-03-29
CVE-2017-7310 [HIGH] CWE-119 CVE-2017-7310: A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element.
nvd
CVE-2017-15665P3HIGHCVSS 7.5PoCv8.5.122018-01-10
CVE-2017-15665 [HIGH] CWE-358 CVE-2017-15665: In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulner In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094.
nvd
CVE-2020-36882P3HIGHCVSS 7.5v7.7.142025-12-05
CVE-2020-36882 [HIGH] CWE-434 CVE-2020-36882: Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Se Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Search Files/Directory field, leading to a denial of service by crashing the application.
nvd
CVE-2020-36881P3HIGHCVSS 7.8v7.7.142025-12-05
CVE-2020-36881 [HIGH] CWE-119 CVE-2020-36881: Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' co Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' component that allows unauthenticated attackers to execute arbitrary code on the system. Attackers can exploit this by pasting a specially crafted directory path into the 'Add Input Directory' field.
nvd
CVE-2020-36880P3HIGHCVSS 7.8v7.7.142025-12-05
CVE-2020-36880 [HIGH] CWE-119 CVE-2020-36880: Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data Di Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data Directory' field that allows an attacker to execute arbitrary code on the system.
nvd
CVE-2018-5261P3HIGHCVSS 8.1≤ 8.8.162018-02-02
CVE-2018-5261 [HIGH] CWE-311 CVE-2018-5261: An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext infor An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext information from the handshake as input for the encryption key used for the encryption of the rest of the session, the server and client disclose sensitive information, such as the authentication credentials, to any man-in-the-middle (MiTM) listener.
nvd
CVE-2018-10294P4MEDIUMCVSS 6.1≤ 9.1.162018-05-02
CVE-2018-10294 [MEDIUM] CWE-79 CVE-2018-10294: Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS. Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS.
nvd
Flexense Diskboss vulnerabilities | cvebase