← back
CVE-2022-36534

CVE-2022-36534

EPSS 54.2%
Vexday Risk Score
30Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 54.2%KEV nãoPoC Nuclei Metasploit simPatch
Lifecycle
06 Sep 2022Metasploit module available
16 Sep 2022Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution (RCE) vulnerabilities via the Job_ExecuteBefore and Job_ExecuteAfter parameters at post_profilesettings.php.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/170245/Syncovery-For-Linux-Web-GUI-Authenticated-Remote-Command-Execution.htmlhttp://super.comhttps://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/http://syncovery.com