Samsung Syncthru Web Service vulnerabilities
3 known vulnerabilities affecting samsung/syncthru_web_service.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-35309HIGHCVSS 7.5v5.932023-08-22
CVE-2021-35309 [HIGH] CWE-269 CVE-2021-35309: An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain esc
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.
nvd
CVE-2018-14908HIGHCVSS 8.8v4.05.612018-08-03
CVE-2018-14908 [HIGH] CWE-352 CVE-2018-14908: Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
nvd
CVE-2018-14904MEDIUMCVSS 6.1v4.05.612018-08-03
CVE-2018-14904 [MEDIUM] CWE-79 CVE-2018-14904: Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on sever
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.
nvd