Browse all 4 CVE security advisories affecting Synel. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SYNEL develops enterprise resource planning (ERP) and supply chain management software primarily for manufacturing and distribution sectors. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access controls. While no major public security incidents have been widely reported, the presence of four CVEs indicates ongoing security challenges. The software's complex integrations and customizability may introduce additional attack surfaces, requiring organizations to implement strict network segmentation and regular patch management to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-37213 | Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection' — SYnergy Fingerprint TerminalsCWE-78 | 8.8 | High | 2023-07-30 |
| CVE-2022-36778 | Synel - eHarmony Stored XSS — eHarmonyCWE-79 | 6.5 | Medium | 2022-09-13 |
| CVE-2022-34768 | Synel - eHarmony Stored XSS — eHarmonyCWE-79 | 6.5 | Medium | 2022-08-05 |
| CVE-2021-36718 | SYNEL - eharmonynew / Synel Reports version 8.0.2 Default credentials , Security miscommunication , Sensetive data exposure — Synel eharmonynew, Synel Reports | 6.1 | Medium | 2021-12-08 |
This page lists every published CVE security advisory associated with Synel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.