CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-14908
https://notcve.org/view.php?id=CVE-2018-14908
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action. Samsung Syncthru Web Service V4.05.61 es vulnerable a Cross-Site Request Forgery (CSRF) en todas las peticiones, tal y como queda demostrado con sws.application/printinformation/printReportSetupView.sws para una acción "Print emails sent". • https://medium.com/stolabs/security-issues-on-samsung-syncthru-web-service-cc86467d2df • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-14904
https://notcve.org/view.php?id=CVE-2018-14904
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid. Samsung Syncthru Web Service V4.05.61 es vulnerable a múltiples ataques XSS no autenticados en varios parámetros, tal y como queda demostrado con ruiFw_pid. • https://medium.com/stolabs/security-issues-on-samsung-syncthru-web-service-cc86467d2df • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •