Unrated severityNVD Advisory· Published Sep 19, 2025· Updated Sep 19, 2025

CVE-2025-56869

Description

Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in backend/src/applications/files/services/files-manager.service.ts.

Affected products

Sync In server/Sync In serverdescription
Sync In/Sync In serverllm-create
Range: <=1.1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Sync-in/server/releases/tag/v1.2.0mitre
sync-in.commitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000