56 matches found

Positive Technologies
added 2024/02/18 12:0 a.m. · 2 views

PT-2024-4083 · 12D Solutions · 12D Synergy File Replication Server +1

Name of the Vulnerable Software and Affected Versions: 12d Synergy Server versions prior to 4.3.10.192 12d Synergy Server versions prior to 5.1.5.221 12d Synergy Server versions prior to 5.1.6.235 12d Synergy File Replication Server versions prior to 4.3.10.192 12d Synergy File Replication Server...

9.1 CVSS · 7.4 AI score · 0.00161 EPSS
Exploits 0 · References 11
Exploit DB
added 2023/04/20 12:0 a.m. · 328 views

File Replication Pro 7.5.0 - Privilege Escalation/Password reset due Incorrect Access Control

Exploit Title: File Replication Pro 7.5.0 - Privilege Escalation/Password reset due Incorrect Access Control Date: 2023-04-13 Exploit Author: Andrea Intilangelo Vendor Homepage: http://www.diasoft.net - https://www.filereplicationpro.com Software Link:...

9.8 CVSS · 9.7 AI score · 0.07173 EPSS
Exploits 4
NVD
added 2023/04/14 12:15 a.m. · 8 views

CVE-2023-26918

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:F access...

9.8 CVSS · 9.5 AI score · 0.07173 EPSS
Exploits 4 · References 2
OSV
added 2023/04/14 12:15 a.m. · 0 views

CVE-2023-26918

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:F access...

9.8 CVSS · 7.3 AI score
Exploits 0 · References 2
Prion
added 2023/04/14 12:15 a.m. · 6 views

Design/Logic Flaw

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:F access...

7.5 CVSS · 9.5 AI score · 0.07173 EPSS
Exploits 4 · References 2 · Affected Software 1
Positive Technologies
added 2023/04/13 12:0 a.m. · 2 views

PT-2023-20846 · Diasoft · Diasoft File Replication Pro

Name of the Vulnerable Software and Affected Versions: Diasoft File Replication Pro version 7.5.0 Description: The issue allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because the directory...

9.8 CVSS · 9.5 AI score · 0.07173 EPSS
Exploits 4 · References 5
Cvelist
added 2023/04/13 12:0 a.m. · 9 views

CVE-2023-26918

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:F access...

9.8 AI score · 0.07173 EPSS
Exploits 4 · References 2
CVE
added 2023/04/13 12:0 a.m. · 240 views

CVE-2023-26918

CVE-2023-26918 affects Diasoft File Replication Pro (version 7.5.0). The root cause is overly permissive access on the installation directory (%ProgramFiles%\FileReplicationPro) granting Everyone:(F), enabling privilege escalation by replacing a legitimate file with a Trojan executed as LocalSyst...

9.8 CVSS · 9.4 AI score · 0.07173 EPSS
Exploits 4 · References 2 · Affected Software 1
0day.today
added 2023/04/13 12:0 a.m. · 314 views

File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation Vulnerabilities

File Replication Pro version 7.5.0 suffers from having insecure directory permissions that can allow a local attacker the ability to escalate privileges. Exploit Title: File Replication Pro 7.5.0 - Password disclosure/reset & PrivEsc due Incorrect Access Control Exploit Author: Andrea Intilangelo...

9.8 CVSS · 9.5 AI score · 0.07173 EPSS
Exploits 4
Vulnrichment
added 2023/04/13 12:0 a.m. · 6 views

CVE-2023-26918

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:F access...

7 AI score · 0.07173 EPSS
Exploits 4 · References 2
CNNVD
added 2023/04/13 12:0 a.m. · 1 views

Diasoft File Replication Permissions and Access Control Issues Vulnerability

Diasoft File Replication is a file replication software from Diasoft. A vulnerability exists in Diasoft File Replication Pro version 7.5.0 due to privilege permission and access control issues. An attacker could exploit this vulnerability to elevate privileges by replacing legitimate files with a...

9.8 CVSS · 8.5 AI score · 0.07173 EPSS
Exploits 4 · References 5
Packet Storm
added 2023/04/13 12:0 a.m. · 296 views

File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation

Exploit Title: File Replication Pro 7.5.0 - Password disclosure/reset & PrivEsc due Incorrect Access Control Date: 2023-04-13 Exploit Author: Andrea Intilangelo Vendor Homepage: http://www.diasoft.net - https://www.filereplicationpro.com Software Link:...

9.4 AI score · 0.07173 EPSS
Exploits 4
Tenable Nessus
added 2023/03/14 12:0 a.m. · 10 views

Atlassian Jira < 8.6.0 Non-Administrators Able To Configure Replication Settings

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.21.0. It is, therefore, affected by a vulnerability which permits authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken...

6.5 CVSS · 7.1 AI score · 0.00146 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2022/07/06 12:0 a.m. · 17 views

Atlassian Jira < 8.6.0 / 8.7.x < 8.13.12 / 8.14.x < 8.20.1 / 8.21.0 (JRASERVER-72940)

The version of Atlassian Jira installed on the remote host is prior to 8.6.0 / 8.7.x < 8.13.12 / 8.14.x < 8.20.1 / 8.21.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72940 advisory. - Non-administrators can edit the File Replication settings - CVE-2021-41308...

6.5 CVSS · 6.5 AI score · 0.00146 EPSS
Exploits 0 · References 2
RedHat Linux
added 2022/05/10 1:43 p.m. · 1 views

kernel: Buffer overwrite in decode_nfs_fh function

An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system...

8 CVSS · 6.6 AI score · 0.00055 EPSS
Exploits 0 · References 5
OSV
added 2021/10/26 5:15 a.m. · 2 views

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

6.5 CVSS · 6.7 AI score
Exploits 0 · References 1
Prion
added 2021/10/26 5:15 a.m. · 18 views

Improper access control

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

4 CVSS · 6.3 AI score · 0.00146 EPSS
Exploits 0 · References 1 · Affected Software 4
Cvelist
added 2021/10/26 4:15 a.m. · 15 views

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

6.5 AI score · 0.00146 EPSS
Exploits 0 · References 1
CVE
added 2021/10/26 4:15 a.m. · 78 views

CVE-2021-41308

CVE-2021-41308 affects Atlassian Jira Server/Data Center where authenticated non-administrators can edit File Replication settings via Broken Access Control on ReplicationSettings!default.jspa. Affected: Jira versions before 8.6.0; 8.7.0 before 8.13.12; 8.14.0 before 8.20.1. Connected documents c...

6.5 CVSS · 6.3 AI score · 0.00146 EPSS
Exploits 0 · References 1 · Affected Software 4
Vulnrichment
added 2021/10/26 4:15 a.m. · 12 views

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

6.7 AI score · 0.00146 EPSS
Exploits 0 · References 1