Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
syncthru web service vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-14904
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.
Samsung Syncthru Web Service 4.05.61
6.8
CVSSv2
CVE-2018-14908
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
Samsung Syncthru Web Service 4.05.61
NA
CVE-2021-35309
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows malicious users to gain escalated privileges via MITM attacks.
Samsung Syncthru Web Service 5.93
4.3
CVSSv2
CVE-2019-7420
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
4.3
CVSSv2
CVE-2019-7418
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
4.3
CVSSv2
CVE-2019-7419
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
4.3
CVSSv2
CVE-2019-7421
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
5
CVSSv2
CVE-2021-42913
The SyncThru Web Service on Samsung SCX-6x55X printers allows an malicious user to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required.
Samsung Syncthru Web Service -
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started