Syncthru Web Service Samsung Syncthru Web Service

Do you want an email whenever new security vulnerabilities are reported in Samsung Syncthru Web Service?

By the Year

In 2023 there have been 1 vulnerability in Samsung Syncthru Web Service with an average score of 7.5 out of ten. Syncthru Web Service did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.

Year Vulnerabilities Average Score
2023 1 7.50
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 4 6.10
2018 2 7.45

It may take a day or so for new Syncthru Web Service vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Samsung Syncthru Web Service Security Vulnerabilities

An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014

CVE-2021-35309 7.5 - High - August 22, 2023

An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag

CVE-2019-7418 6.1 - Medium - March 21, 2019

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.

XSS

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id

CVE-2019-7419 6.1 - Medium - March 21, 2019

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.

XSS

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.

CVE-2019-7420 6.1 - Medium - March 21, 2019

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.

XSS

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.

CVE-2019-7421 6.1 - Medium - March 21, 2019

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.

XSS

Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters

CVE-2018-14904 6.1 - Medium - August 03, 2018

Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.

XSS

Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request

CVE-2018-14908 8.8 - High - August 03, 2018

Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.

Session Riding

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Samsung Syncthru Web Service or by Samsung? Click the Watch button to subscribe.

Samsung
Vendor

subscribe