← back
CVE-2017-17088

CVE-2017-17088

EPSS 7.0%
The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a Denial of Service.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/145435/Sync-Breeze-10.2.12-Denial-Of-Service.htmlunverifiedcve_referencewww.exploit-db.com/exploits/43344/unverifiedexploitdbwww.exploit-db.com/exploits/43344unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/145435/Sync-Breeze-10.2.12-Denial-Of-Service.htmlhttp://seclists.org/fulldisclosure/2017/Dec/45https://www.exploit-db.com/exploits/43344/