CVE Daily

CVE-2017-1000420

Syncthing version 0.14.33 and older is vulnerable to symlink traversal resulting...

High CVSS 7.5

Overview

Syncthing version 0.14.33 and older is vulnerable to symlink traversal resulting in arbitrary file overwrite

CWE: CWE-59 Published: 2018-01-02T19:29:00.257
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.5 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags