CVE-2020-35370: A RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticated unauthorized attacker sending a specifically cra

CVE-2020-35370 is a remote code execution vulnerability (the ability to run commands on a server without owning it) in Raysync versions before 3.3.3.8 that allows an attacker without authentication (login credentials) to send a specially crafted request that overwrites a file on the server with malicious code, then log in as the admin user and modify shell files to gain control of the hosting server.