PT-2026-5103 · Unknown · Sync Breeze Enterprise Server+1
Rafael Pedrero
·
Published
2026-01-28
·
Updated
2026-01-28
·
CVE-2025-59895
CVSS v4.0
8.2
High
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Sync Breeze Enterprise Server versions 10.4.18
Disk Pulse Enterprise versions 10.4.18
Description
Sync Breeze Enterprise Server version 10.4.18 and Disk Pulse Enterprise version 10.4.18 are affected by a remote denial-of-service (DoS) issue within the configuration restore functionality. The root cause is inadequate validation of user-provided data during the configuration restore process. An attacker can exploit this by sending crafted requests to modify the configuration file, leading to application unresponsiveness. A successful attack can corrupt the configuration, preventing service recovery and necessitating a complete reinstallation.
Recommendations
Update Sync Breeze Enterprise Server to a version beyond 10.4.18.
Update Disk Pulse Enterprise to a version beyond 10.4.18.
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Diskpulse Enterprise
Sync Breeze Enterprise Server