CVE-2022-22828

Published January 27th, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.

videnlabs/CVE-2022-22828

Write-up of CVE-2022-22828

GitHub