Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
syncthru web service vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-35309
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows malicious users to gain escalated privileges via MITM attacks.
Samsung Syncthru Web Service 5.93
6.1
CVSSv3
CVE-2018-14904
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.
Samsung Syncthru Web Service 4.05.61
8.8
CVSSv3
CVE-2018-14908
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
Samsung Syncthru Web Service 4.05.61
6.1
CVSSv3
CVE-2019-7420
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
6.1
CVSSv3
CVE-2019-7419
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
6.1
CVSSv3
CVE-2019-7418
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
6.1
CVSSv3
CVE-2019-7421
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.
Samsung Syncthru Web Service -
Samsung X7400gx Firmware 6.a6.25
7.5
CVSSv3
CVE-2021-42913
The SyncThru Web Service on Samsung SCX-6x55X printers allows an malicious user to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required.
Samsung Syncthru Web Service -
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started