CVE-2020-35370

Name of the Vulnerable Software and Affected Versions Raysync versions prior to 3.3.3.8

Description A remote code execution issue exists, allowing an unauthenticated attacker to send a crafted request and override a specific file on the server with malicious content. This can enable the attacker to login as "admin" and modify a shell file to achieve remote code execution on the hosting server.

Recommendations For versions prior to 3.3.3.8, update to version 3.3.3.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the server to minimize the risk of exploitation.