Symmetricom SyncServer Unauthenticated Remote Command Execution
Posted on 14 June 2023
This Metasploit module exploits an unauthenticated command injection vulnerability in /controller/ping.php in Symmetricom SyncServer. The S100 through S350 (End of Life) models should be vulnerable to unauthenticated exploitation due to a session handling vulnerability.