Viden Labs

CVE-2022-22828 NOMISEC HIGH WRITEUP

Synaman < 5.0 - Unauthenticated Unshared File Access via Base64-Encoded Filename

An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.

CVSS 7.5

View Code

CVE-2022-22828 WRITEUP HIGH WRITEUP

Synaman < 5.0 - Unauthenticated Unshared File Access via Base64-Encoded Filename

An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.

CVSS 7.5

View Code