CVE-2020-37230

Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path. Attackers can insert a malicious executable into the service path and execute it with LocalSyste...

Syncplify Server! 5.0.37 - (SMWebRestServicev5) Unquoted Service Path Vulnerability

Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es Vulnerability Type: Unquot...

Syncplify.me Server! 5.0.37 Unquoted Service Path

Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es...

Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path

Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es...