VYPR

inSync Windows Client

by Druva

CVEs (2)

  • CVE-2020-5752HigMay 21, 2020
    risk 0.54cvss 7.8epss 0.09

    Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.

  • CVE-2019-3999HigFeb 25, 2020
    risk 0.54cvss 7.8epss 0.09

    Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.