← volver
CVE-2025-56869

CVE-2025-56869

CVSS 5.3 MEDIUMEPSS 0.7%CWE-22
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 sep 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in backend/src/applications/files/services/files-manager.service.ts.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Productos afectados
n/a · n/a