← back
CVE-2017-15950

CVE-2017-15950

EPSS 5.5%
Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode.
Affected products
n/a · n/a
public PoCs found3
githubgithub.com/rnnsz/CVE-2017-159500cve_referencepacketstormsecurity.com/files/162008/SyncBreeze-10.1.16-Buffer-Overflow.htmlunverifiedexploitdbwww.exploit-db.com/exploits/49725unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/162008/SyncBreeze-10.1.16-Buffer-Overflow.htmlhttp://seclists.org/fulldisclosure/2017/Oct/64