CVE-2025-56869
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
19/09/2025
Last modified:
19/09/2025
Description
Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in backend/src/applications/files/services/files-manager.service.ts.
Impact
Base Score 3.x
5.30
Severity 3.x
MEDIUM