Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samsung syncthru web service - vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-14908
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
Samsung Syncthru Web Service 4.05.61
7.5
CVSSv3
CVE-2021-35309
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows malicious users to gain escalated privileges via MITM attacks.
Samsung Syncthru Web Service 5.93
7.5
CVSSv3
CVE-2021-42913
The SyncThru Web Service on Samsung SCX-6x55X printers allows an malicious user to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required.
Samsung Syncthru Web Service -
3 Github repositories
6.1
CVSSv3
CVE-2019-7419
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
6.1
CVSSv3
CVE-2019-7420
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
6.1
CVSSv3
CVE-2019-7418
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
6.1
CVSSv3
CVE-2019-7421
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
6.1
CVSSv3
CVE-2018-14904
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.
Samsung Syncthru Web Service 4.05.61
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started