Lucene search
K

141 matches found

CVE
CVE
added 2021/12/06 12:0 a.m.53 views

CVE-2021-43039

Affected product: Kaseya Unitrends Backup Appliance (prior to 10.5.5). Issue: Samba file sharing service allows anonymous read/write access, enabling potential unauthorized file creation/editing on vulnerable deployments. Root cause: misconfig/ flaw in Samba access on the Appliance leading to una...

6.5CVSS6.4AI score0.01216EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2021/09/03 12:0 a.m.9 views

Unitrends Backup Elevation of Privilege Vulnerability

Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. An elevation of privilege vulnerability exists in versions prior to Unitrends Backup 10.5.5-2, which can be exploited by an...

9CVSS6.8AI score0.01133EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/03 12:0 a.m.11 views

Unitrends Backup Remote Code Execution Vulnerability (CNVD-2021-95950)

Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. A remote code execution vulnerability exists in Unitrends Backup versions prior to 10.5.5-2, which can be exploited by an...

9CVSS7.6AI score0.02427EPSS
Exploits0References1
NVD
NVD
added 2021/09/01 9:15 p.m.19 views

CVE-2021-40387

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...

9CVSS0.02427EPSS
Exploits0References1
OSV
OSV
added 2021/09/01 9:15 p.m.5 views

CVE-2021-40385

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin...

8.8CVSS5.8AI score0.01133EPSS
Exploits0References1
NVD
NVD
added 2021/09/01 9:15 p.m.19 views

CVE-2021-40385

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin...

9CVSS0.01133EPSS
Exploits0References1
OSV
OSV
added 2021/09/01 9:15 p.m.3 views

CVE-2021-40387

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...

8.8CVSS7.6AI score0.02427EPSS
Exploits0References1
CVE
CVE
added 2021/09/01 8:55 p.m.44 views

CVE-2021-40385

CVE-2021-40385 affects Unitrends Backup Software (server component) prior to version 10.5.5-2. Multiple connected sources corroborate a privilege escalation from a read-only user to administrator. The provided documents do not specify the underlying technical root cause, affected subcomponents, i...

9CVSS8.7AI score0.01133EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/01 8:55 p.m.29 views

CVE-2021-40385

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin...

9AI score0.01133EPSS
Exploits0References1
CVE
CVE
added 2021/09/01 8:55 p.m.49 views

CVE-2021-40387

CVE-2021-40387 affects the server software in Kaseya Unitrends Backup Software before 10.5.5-2 . The vulnerability enables authenticated remote code execution . Available connected documents confirm the affected product and impact but do not provide concrete exploit details, specific root cause, ...

9CVSS8.9AI score0.02427EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/01 8:55 p.m.24 views

CVE-2021-40387

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...

9.2AI score0.02427EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/01 12:0 a.m.7 views

Unitrends Backup 安全漏洞

Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. An elevation of privilege vulnerability exists in versions prior to Unitrends Backup 10.5.5-2, which can be exploited by an...

9CVSS5.7AI score0.01133EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/01 12:0 a.m.5 views

Unitrends Backup 安全漏洞

Unitrends Backup is a set of data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. A remote code execution vulnerability exists in Unitrends Backup versions prior to 10.5.5-2, which can be exploited by an...

9CVSS6.7AI score0.02427EPSS
Exploits0References2
NVD
NVD
added 2020/02/17 3:15 p.m.19 views

CVE-2020-8427

In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...

9.8CVSS10AI score0.0151EPSS
Exploits0References1
OSV
OSV
added 2020/02/17 3:15 p.m.5 views

CVE-2020-8427

In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...

9.8CVSS7.3AI score0.0151EPSS
Exploits0References1
Prion
Prion
added 2020/02/17 3:15 p.m.16 views

Sql injection

In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...

7.5CVSS9.9AI score0.0151EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/02/17 2:56 p.m.25 views

CVE-2020-8427

In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...

10AI score0.0151EPSS
Exploits0References1
CVE
CVE
added 2020/02/17 2:56 p.m.51 views

CVE-2020-8427

CVE-2020-8427 affects Unitrends Backup prior to 10.4.1, where an HTTP request parameter was not properly sanitized, allowing SQL injection that results in authentication bypass. Exploitation guidance and in-wild details are not provided in the connected documents; however, the NVD entry reports h...

9.8CVSS9.9AI score0.0151EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.58 views

Unitrends UEB - HTTP API Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB http api remote code execution', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2018/10/05 12:0 a.m.63 views

Unitrends UEB HTTP API Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB http api remote code execution', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...

10CVSS0.3AI score0.78269EPSS
Exploits15
Rows per page
Query Builder