Vulnerabilities > CVE-2022-36534 - Unspecified vulnerability in Syncovery

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

syncovery

NVD

Published: 2022-09-16

Updated: 2023-08-08

Summary

Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution (RCE) vulnerabilities via the Job_ExecuteBefore and Job_ExecuteAfter parameters at post_profilesettings.php.

Vulnerable Configurations

Part	Description	Count
Application	Syncovery Syncovery Syncovery *	1
OS	Linux Linux Linux Kernel -	1

References

http://super.com
https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/
http://syncovery.com
http://packetstormsecurity.com/files/170245/Syncovery-For-Linux-Web-GUI-Authenticated-Remote-Command-Execution.html