Lucene search
HistoryFeb 02, 2024 - 2:15 a.m.
CVE-2024-22903
cve-2024-22903
authenticated
remote code execution
vulnerability
deleteupdateapk
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
53.1%
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.
Affected configurations
Node
vinchinvinchin_backup_and_recoveryRange≤7.2
Related
prion
prion
Remote code execution
2024-02-02 02:15:00
packetstorm
packetstorm
Vinchin Backup And Recovery 7.2 SystemHandler.class.php Command Injection
2024-01-26 00:00:00
cvelist
cvelist
CVE-2024-22903
2024-02-02 00:00:00
zdt
zdt
cve
cve
CVE-2024-22903
2024-02-02 02:15:18
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
53.1%
Related for NVD:CVE-2024-22903