CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-5752

Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.167

EPSS Ranking 94.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

http://packetstormsecurity.com/files/157802/Druva-inSync-Windows-Client-6.6.3-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/160404/Druva-inSync-Windows-Client-6.6.3-Privilege-Escalation.html
https://www.tenable.com/security/research/tra-2020-34
http://packetstormsecurity.com/files/157802/Druva-inSync-Windows-Client-6.6.3-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/160404/Druva-inSync-Windows-Client-6.6.3-Privilege-Escalation.html
https://www.tenable.com/security/research/tra-2020-34

Products affected by CVE-2020-5752

Druva » Insync Client » Version: 6.6.3

cpe:2.3:a:druva:insync_client:6.6.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5752

Products

Pricing

Contact Us