Samsung Syncthru Web Service — known CVE vulnerabilities
Every CVE whose affected-product data names Samsung Syncthru Web Service, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2018-14908 — CVSS 8.8 (high): Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printRepor…
CVE-2021-35309 — CVSS 7.5 (high): An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.
CVE-2021-42913 — CVSS 7.5 (high): The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by…
CVE-2018-14904 — CVSS 6.1 (medium): Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by…
CVE-2019-7421 — CVSS 6.1 (medium): XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple…
CVE-2019-7420 — CVSS 6.1 (medium): XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView…
CVE-2019-7418 — CVSS 6.1 (medium): XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag…
CVE-2019-7419 — CVSS 6.1 (medium): XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters…