Published: 21/05/2020 Updated: 22/05/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated malicious user to execute arbitrary operating system commands with SYSTEM privileges.

Vulnerability Trend

Affected Products

Vendor Product Versions
DruvaInsync Client6.6.3

Mailing Lists

Druva inSync Windows Client version 663 suffers from a local privilege escalation vulnerability ...