CVE-2018-1235

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege...

CVE-2018-1241

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP...

Command injection

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege...

Command injection

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files th...

Design/Logic Flaw

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP...

CVE-2018-1235

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege...

CVE-2018-1242

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files th...

CVE-2018-1241

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP...

CVE-2018-1235

Dell EMC RecoverPoint and RecoverPoint for VM are affected by an OS command injection in the SSH username handling, allowing unauthenticated remote code execution as root. Affected: RecoverPoint < 5.1.2 and RP for VMs

CVE-2018-1241

Dell EMC RecoverPoint products prior to 5.1.2 and RecoverPoint for VMs prior to 5.1.1.3 leak LDAP passwords in plaintext to log files when LDAP login occurs; an authenticated attacker with log access can misuse exposed credentials. No exploitation details are provided in the connected documents. ...

CVE-2018-1242

Dell EMC RecoverPoint suffers a command injection vulnerability in the Boxmgmt CLI affecting RecoverPoint versions before 5.1.2 and RecoverPoint for VM versions before 5.1.1.3. An authenticated user with boxmgmt privileges can potentially exploit this to read RPA files, with root-required files r...

CVE-2018-1235

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege...

CVE-2018-1241

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP...

CVE-2018-1242

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files th...

Dell EMC RecoverPoint and RecoverPoint for Virtual Machines Information Disclosure Vulnerability

Dell EMC RecoverPoint and RecoverPoint for Virtual Machines are both products of Dell Dell. The former is a suite of disaster recovery and data protection software, and the latter is a disaster recovery solution for VMware environments. An information disclosure vulnerability exists in Dell EMC...

Dell EMC RecoverPoint and RecoverPoint for Virtual Machines Arbitrary File Read Vulnerability

Dell EMC RecoverPoint and RecoverPoint for Virtual Machines are both products of Dell Dell. The former is a suite of disaster recovery and data protection software, and the latter is a disaster recovery solution for VMware environments. An arbitrary file read vulnerability exists in Dell EMC...

Dell EMC RecoverPoint and RecoverPoint for Virtual Machines Remote Code Execution Vulnerability

Dell EMC RecoverPoint and RecoverPoint for Virtual Machines are both products of Dell Dell. The former is a suite of disaster recovery and data protection software, and the latter is a disaster recovery solution for VMware environments. A remote code execution vulnerability exists in Dell EMC...

Six Vulnerabilities Found in Dell EMC’s Disaster Recovery System, One Critical

A pen-tester has found six vulnerabilities in Dell EMC RecoverPoint devices, including a critical remote code execution flaw that could allow total system compromise. EMC RecoverPoint is a disaster recovery tool that can be used to back up local and remote information storage, across data centers...

Dell EMC RecoverPoint boxmgmt CLI < 5.1.2 - Arbitrary File Read Vulnerability

Exploit for linux platform in category local exploits Exploit Title: Dell EMC RecoverPoint boxmgmt CLI /etc/passwd: terminating, 34 bad configuration options Command "ssh -F /etc/passwd 127.0.0.1" exit...

Dell EMC RecoverPoint boxmgmt CLI 5.1.2 - Arbitrary File Read

Dell EMC RecoverPoint boxmgmt CLI 5.1.2 - Arbitrary File Read Exploit Title: Dell EMC RecoverPoint boxmgmt CLI /etc/passwd: terminating, 34 bad configuration options Command "ssh...