Commvault CommCell DownloadCenterUploadHandler Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Commvault CommCell 代码问题漏洞

Commvault CommCell enables fast, large-scale backup and recovery of virtual machines, structured and unstructured data.An arbitrary file upload vulnerability exists in the DownloadCenterUploadHandler class in versions of Commvault CommCell prior to 11.25, which could be exploited by an attacker t...

PT-2021-5321 · Commvault · Commvault Commcell

Name of the Vulnerable Software and Affected Versions: Commvault CommCell version 11.22.22 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can be...

Commvault directory traversal vulnerability

Commvault is a next-generation data management platform, and a directory traversal vulnerability exists in CommCell in Commvault, which could be exploited by attackers to view files outside of the log folder...

CVE-2020-25780

In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder...

Directory traversal

In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder...

CVE-2020-25780

In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder...

CVE-2020-25780

CVE-2020-25780 affects Commvault CommCell before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13. It is a local file inclusion/directory traversal vulnerability where an attacker can view a log-file request and access files outside the log-files folder. The N...