40 matches found
EUVD-2023-34239
Malicious code in bioql PyPI...
EUVD-2023-33851
Malicious code in bioql PyPI...
CVE-2023-2360
Sensitive information disclosure due to CORS misconfiguration. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.2.0-135...
CVE-2023-45249
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...
CVE-2023-2782
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.3.1-38...
Metasploit Weekly Wrap-Up 10/04/2024
New module content 3 cups-browsed Information Disclosure Authors: bcoles and evilsocket Type: Auxiliary Pull request: 19510 contributed by bcoles Path: scanner/misc/cupsbrowsedinfodisclosure Description: Adds scanner module to retrieve CUPS version and kernel version information from cups-browsed...
Acronis Cyber Infrastructure 5.0.1-61 Cross Site Request Forgery
============================================================================================================================================= | Title : Acronis Cyber Infrastructure 5.0.1-61 CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Acronis Cyber Infrastructure default password remote code execution
Acronis Cyber Infrastructure ACI is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers are using it for data storage, backup storage, creating and managing virtual machines and software-defined networks, running cloud-native...
Acronis Cyber Infrastructure Default Password Remote Code Execution Exploit
Acronis Cyber Infrastructure ACI is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers are using it for data storage, backup storage, creating and managing virtual machines and software-defined networks, running cloud-native...
Acronis Cyber Infrastructure Default Password Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sshkey' class MetasploitModule 'Acronis Cyber Infrastructure default password remote code execution', 'Description' = %q Acronis Cyber Infrastructure ACI is an ...
Acronis Cyber Infrastructure 5.1.x < 5.1.1-71 / 5.2.x < 5.2.1-69 / 5.3.x < 5.3.1-53 / 5.4.x < 5.4.4-132 / < 5.0.1-61 (SEC-6452)
The version of Acronis Cyber Infrastructure installed on the remote host is prior to 5.0.1-61, 5.1.1-71, 5.2.1-69, 5.3.1-53, or 5.4.4-132. It is, therefore, affected by a vulnerability as referenced in the SEC-6452 advisory. - Remote command execution due to use of default passwords. The followin...
Acronis Cyber Infrastructure Service Detection
Binary data acroniscyberinfrastructureservicedetect.nbin...
Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure ACI product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 CVSS score: 9.8, concerns a case of remote code execution that stems from the use of defau...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4879 ServiceNow Improper Input Validation Vulnerability CVE-2024-5217 ServiceNow Incomplete List of Disallowed Inputs Vulnerability CVE-2023-45249 Acronis...
Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability
Acronis Cyber Infrastructure ACI allows an unauthenticated user to execute commands remotely due to the use of default passwords...
The vulnerability of the software platform for remote management of endpoints, backup, and virtualization in Acronis Cyber Infrastructure (ACI) arises from the use of pre-installed credentials. This allows a malicious actor to execute arbitrary code.
The vulnerability of the software platform for remote control of endpoints, backup copies, and virtualization in Acronis Cyber Infrastructure ACI lies in the use of pre-installed credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2023-45249
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...
CVE-2023-45249
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...
CVE-2023-45249
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...
CVE-2023-45249
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...