Synametrics: >> Synaman >> 4.1 Security Vulnerabilities
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-04-06
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.
CVSS Score
7.2
EPSS Score
0.015
Published
2022-04-06
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-01-27