A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow to write data in any folder accessible to the account assigned to the websiteβs application pool.
[
{
"vendor": "Siemens",
"product": "syngo Dynamics",
"versions": [
{
"version": "All versions < VA40G HF01",
"status": "affected"
}
]
}
]