On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access.
7.5CVSS
7.6AI Score
0.003EPSS
Soyal Technology 701Client 9.0.1 is vulnerable to Insecure permissions via client.exe binary with Authenticated Users group with Full permissions.
8.8CVSS
8.6AI Score
0.117EPSS
Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the 'F' flag (Full) for 'Everyone'and 'Authenticated Us...
8.8CVSS
8.5AI Score
0.157EPSS