Lucene search
K

42 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-16311

Malware in sbrugna...

7.1CVSS6AI score0.04281EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-16313

Malware in sbrugna...

8.8CVSS8.8AI score0.02656EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16309

Malware in sbrugna...

9.8CVSS9.5AI score0.06179EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-16310

Malware in sbrugna...

8.8CVSS8.8AI score0.04318EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3158

Malware in sbrugna...

7.5CVSS6.4AI score0.03309EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 12:51 a.m.8 views

CVE-2014-3139

recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string...

7.5CVSS7.3AI score0.03309EPSS
Exploits1References1
Metasploit
Metasploit
added 2018/11/28 2:14 a.m.56 views

Unitrends Enterprise Backup bpserverd Privilege Escalation

It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. This is very similar to...

9.8CVSS7.7AI score0.62464EPSS
Exploits7
Packet Storm
Packet Storm
added 2018/11/28 12:0 a.m.70 views

Unitrends Enterprise Backup bpserverd Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends Enterprise Backup bpserverd Privilege Escalation', 'Description' = %q It was discovered that the Unitrends bpserverd proprietary...

7.5CVSS0.6AI score0.62464EPSS
Exploits7
BDU FSTEC
BDU FSTEC
added 2017/11/23 12:0 a.m.8 views

The vulnerability of the web server of the Unitrends Enterprise Backup software allows a hacker to obtain root privileges.

The vulnerability of the web server of the Unitrends Enterprise Backup software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to obtain root privileges by modifying the cookie file issued upon system login...

10CVSS7.8AI score0.04394EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2017/10/20 12:0 a.m.19 views

Unitrends Enterprise Backup 7.3.0 Multiple Vulnerabilities

Multiple vulnerabilities in Unitrends Enterprise Backup version 7.3.0. Authentication bypass and remote code execution RCE. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

10CVSS7.7AI score0.06961EPSS
Exploits2References1
CNVD
CNVD
added 2017/04/21 12:0 a.m.2 views

Unitrends Enterprise Backup api/includes/users.php page password change vulnerability

Unitrends Enterprise Backup is backup software that incorporates cloud continuity services to ensure the recovery of your virtual, physical and cloud data, systems and applications. A password change vulnerability exists in the api/includes/users.php page of Unitrends Enterprise Backup, which can...

8.8CVSS6.7AI score0.02656EPSS
Exploits1References1
CNVD
CNVD
added 2017/04/21 12:0 a.m.4 views

Unitrends Enterprise Backup 'token' cookie modification lifting vulnerability

Unitrends Enterprise Backup is a suite of enterprise-class data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. A security vulnerability exists in versions of Unitrends Enterprise Backup prior to 9.0.0. Th...

10CVSS6.8AI score0.04394EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/21 12:0 a.m.4 views

Unitrends Enterprise Backup api/includes/systems.php Remote Code Execution Vulnerability

Unitrends Enterprise Backup is a suite of enterprise-grade data protection software from the US-based Unitrends. The software provides data backup, data recovery and deduplication features. A security vulnerability exists in the api/includes/systems.php file in versions of Unitrends Enterprise...

9.8CVSS7.1AI score0.06179EPSS
Exploits1References1
OSV
OSV
added 2017/04/20 2:59 a.m.4 views

CVE-2017-7282

An issue was discovered in Unitrends Enterprise Backup before 9.1.1. The function downloadFile in api/includes/restore.php blindly accepts any filename passed to /api/restore/download as valid. This allows an authenticated attacker to read any file in the filesystem that the web server has access...

5.5CVSS5.8AI score0.04281EPSS
Exploits1References2
OSV
OSV
added 2017/04/20 2:59 a.m.3 views

CVE-2017-7283

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php...

8.8CVSS6AI score0.0428EPSS
Exploits1References2
NVD
NVD
added 2017/04/20 2:59 a.m.16 views

CVE-2017-7283

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php...

9CVSS8.8AI score0.0428EPSS
Exploits1References2
Prion
Prion
added 2017/04/20 2:59 a.m.11 views

Design/Logic Flaw

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php...

9CVSS8.8AI score0.0428EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/04/20 2:43 a.m.26 views

CVE-2017-7282

An issue was discovered in Unitrends Enterprise Backup before 9.1.1. The function downloadFile in api/includes/restore.php blindly accepts any filename passed to /api/restore/download as valid. This allows an authenticated attacker to read any file in the filesystem that the web server has access...

6.3AI score0.04281EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/04/20 2:43 a.m.20 views

CVE-2017-7283

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php...

9.2AI score0.0428EPSS
Exploits1References2
CVE
CVE
added 2017/04/20 2:43 a.m.50 views

CVE-2017-7283

CVE-2017-7283 affects Unitrends Enterprise Backup prior to 9.1.2. An authenticated user can trigger arbitrary OS command execution by supplying a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php. The NVD data...

9CVSS9.1AI score0.0428EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder