CVE-2017-15950

HIGH

Flexense SyncBreeze Enterprise 10.1.16 - Buffer Overflow via Destination Directory Field

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-15950. PoCs published by Filipe Oliveira, rnnsz.

AI-analyzed exploit summary This exploit leverages a stack-based buffer overflow in SyncBreeze 10.1.16 via malformed XML input to achieve remote code execution. It uses a combination of stack pivoting and gadgets to redirect execution to a calc.exe payload.

Description

Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode.

Exploits (2)

exploitdb WORKING POC

by Filipe Oliveira · pythonwebappswindows

https://www.exploit-db.com/exploits/49725

View Code ZIP pw:eip

This exploit leverages a stack-based buffer overflow in SyncBreeze 10.1.16 via malformed XML input to achieve remote code execution. It uses a combination of stack pivoting and gadgets to redirect execution to a calc.exe payload.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SyncBreeze v10.1.16 x86

No auth needed

Prerequisites: Victim must open the malicious XML file via the 'Import Command' feature in SyncBreeze

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by rnnsz · poc

https://github.com/rnnsz/CVE-2017-15950

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2017-15950, a stack-based buffer overflow vulnerability in SyncBreeze. The exploit includes two Python scripts to generate payloads for either the XML parser or the Sync functionality, both designed to achieve remote code execution via shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SyncBreeze (version not specified)

No auth needed

Prerequisites: Network access to the target SyncBreeze instance · Ability to send crafted XML or Sync payloads to the target

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List, Third Party Advisory x_refsource_misc

http://seclists.org/fulldisclosure/2017/Oct/64

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/162008/SyncBreeze-10.1.16-Buffer-Overflow.html

Scores

CVSS v3 7.8

EPSS 0.0551

EPSS Percentile 91.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

flexense/syncbreeze 10.1.16

Published Oct 31, 2017

Tracked Since Feb 18, 2026