OR
     *cpe:2.3:a:cloudme:sync:*:*:*:*:*:*:*:* versions up to (including) 1.10.9

OR
     *cpe:2.3:a:cloudme:sync:1.11.0:*:*:*:*:*:*:*

https://www.exploit-db.com/exploits/44470/ No Types Assigned

https://www.exploit-db.com/exploits/44470/ Exploit, Third Party Advisory, VDB Entry

https://www.exploit-db.com/exploits/44470/ [No Types Assigned]

OR
     *cpe:2.3:a:cloudme:sync:*:*:*:*:*:*:*:* versions up to (including) 1.10.9

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-119

https://0day4u.wordpress.com/2018/03/09/buffer-overflow-on-cloudme-sync-v1-11-0/ No Types Assigned

https://0day4u.wordpress.com/2018/03/09/buffer-overflow-on-cloudme-sync-v1-11-0/ Exploit, Third Party Advisory

An issue was discovered in CloudMe 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in remote code execution, as demonstrated by a TCP reverse shell. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-6892.

An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload causing a buffer overflow condition. This will result in code execution, as demonstrated by a TCP reverse shell, or a crash. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-6892.