AI Score
Confidence
High
EPSS
Percentile
85.3%
The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customersβ installations) in web.config, and can be used to send serialized ASP code.
www.mylittlebackup.com/mlb/zip/mlb_1.7.zip
gist.github.com/omriinbar/65827626e63f15e3e50557e2d9d61281