141 matches found
CVE-2021-43039
Affected product: Kaseya Unitrends Backup Appliance (prior to 10.5.5). Issue: Samba file sharing service allows anonymous read/write access, enabling potential unauthorized file creation/editing on vulnerable deployments. Root cause: misconfig/ flaw in Samba access on the Appliance leading to una...
Unitrends Backup Elevation of Privilege Vulnerability
Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. An elevation of privilege vulnerability exists in versions prior to Unitrends Backup 10.5.5-2, which can be exploited by an...
Unitrends Backup Remote Code Execution Vulnerability (CNVD-2021-95950)
Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. A remote code execution vulnerability exists in Unitrends Backup versions prior to 10.5.5-2, which can be exploited by an...
CVE-2021-40387
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...
CVE-2021-40385
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin...
CVE-2021-40385
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin...
CVE-2021-40387
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...
CVE-2021-40385
CVE-2021-40385 affects Unitrends Backup Software (server component) prior to version 10.5.5-2. Multiple connected sources corroborate a privilege escalation from a read-only user to administrator. The provided documents do not specify the underlying technical root cause, affected subcomponents, i...
CVE-2021-40385
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin...
CVE-2021-40387
CVE-2021-40387 affects the server software in Kaseya Unitrends Backup Software before 10.5.5-2 . The vulnerability enables authenticated remote code execution . Available connected documents confirm the affected product and impact but do not provide concrete exploit details, specific root cause, ...
CVE-2021-40387
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...
Unitrends Backup 安全漏洞
Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. An elevation of privilege vulnerability exists in versions prior to Unitrends Backup 10.5.5-2, which can be exploited by an...
Unitrends Backup 安全漏洞
Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. A remote code execution vulnerability exists in Unitrends Backup versions prior to 10.5.5-2, which can be exploited by an...
CVE-2020-8427
In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...
CVE-2020-8427
In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...
Sql injection
In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...
CVE-2020-8427
In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...
CVE-2020-8427
CVE-2020-8427 affects Unitrends Backup prior to 10.4.1, where an HTTP request parameter was not properly sanitized, allowing SQL injection that results in authentication bypass. Exploitation guidance and in-wild details are not provided in the connected documents; however, the NVD entry reports h...
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB http api remote code execution', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...
Unitrends UEB HTTP API Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB http api remote code execution', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...