3 matches found
CVE-2017-14980
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/syncbreezebof.rb 2025-01-31 04:00:07+00:00| published-proof-of-concept| Telegram/O96JMXWnCSBuBB46Cc1BcDMuR0RRbHcNpUkRi8BOM5Q5pQ...
CVE-2017-14980
CVE-2017-14980 — Sync Breeze Enterprise vulnerable to a stack-based buffer overflow in the web login interface (Sync Breeze Enterprise 10.0.28). A remote, unauthenticated attacker can cause memory corruption and achieve remote code execution via a long username parameter to /login. Public PoCs an...
Sync Breeze Enterprise GET Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, v10.0.28, and v10.1.16, caused by improper bounds checking of the request in HTTP GET and POST requests sent to the built-in web server. This module has been tested successfull...