CVE-2022-42734

Name of the Vulnerable Software and Affected Versions syngo Dynamics versions prior to VA40G HF01

Description A vulnerability has been identified in the syngo Dynamics application server, which hosts a web service using an operation with improper write access control. This could allow writing data in any folder accessible to the account assigned to the website's application pool.

Recommendations For versions prior to VA40G HF01, update to VA40G HF01 or later to resolve the issue. As a temporary workaround, consider restricting write access to sensitive folders to minimize the risk of exploitation.