CVE-2023-45498

VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain a command injection vulnerability...

CVE-2023-45499

VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain hardcoded credentials...

CVE-2022-35866

This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The server uses a hard-cod...

EUVD-2024-20425

Malicious code in bioql PyPI...

EUVD-2022-38739

Malicious code in bioql PyPI...

CVE-2024-25228

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution RCE via the getVerifydiyResult function in ManoeuvreHandler.class.php...

CVE-2024-22902

Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...

CVE-2024-22900

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the setNetworkCardInfo function...

CVE-2024-22901

Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials...

CVE-2024-22899

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the syncNtpTime function...

CVE-2024-22903

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the deleteUpdateAPK function...

The vulnerability of the getVerifydiyResult function in the SystemHandler.class.php script of the backup and recovery software Vinchin Backup & Recovery allows a perpetrator to execute arbitrary code.

The vulnerability of the getVerifydiyResult function in the SystemHandler.class.php script of the Vinchin Backup & Recovery software relates to the lack of measures taken to clean data at the control level. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

CVE-2024-25228

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution RCE via the getVerifydiyResult function in ManoeuvreHandler.class.php...

Vinchin Backup and Recovery Security Vulnerabilities

Vinchin Backup and Recovery is an easy-to-use, safe and reliable virtual machine data protection software from China Yunqi Technology Vinchin. It is used for backup and recovery. A security vulnerability exists in Vinchin Backup and Recovery 7.2 and earlier versions, which stems from vulnerabilit...

CVE-2024-25228

Vinchin Backup and Recovery 7.2 and earlier is affected by an Authenticated Remote Code Execution (RCE) in the getVerifydiyResult function of ManoeuvreHandler.class.php. Sources confirm the vulnerability exists in versions 7.2 and earlier and stems from inadequate input validation, notably in the...

Vinchin Backup And Recovery 7.2 Command Injection

CVE ID: CVE-2024-25228 Title: Authenticated Command Injection Vulnerability in ManoeuvreHandler.class.php of Vinchin Backup & Recovery Versions 7.2 and Earlier Description: A critical security vulnerability has been discovered in the getVerifydiyResult function within the ManoeuvreHandler.class.p...

CVE-2024-25228

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution RCE via the getVerifydiyResult function in ManoeuvreHandler.class.php...

CVE-2024-25228

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution RCE via the getVerifydiyResult function in ManoeuvreHandler.class.php...

PT-2024-2557 · Vinchin · Vinchin Backup & Recovery

Name of the Vulnerable Software and Affected Versions: Vinchin Backup and Recovery versions 7.2 and earlier Description: The issue is related to the getVerifydiyResult function, which is vulnerable to Authenticated Remote Code Execution RCE. This vulnerability can be exploited by a remote attacke...

The vulnerability of the Vinchin Backup & Recovery software for backup and restoration operations, related to the use of default user accounts, allows a perpetrator to escalate their privileges.

The vulnerability of the Vinchin Backup & Recovery software for backup and restoration is related to the use of default user accounts. Exploiting this vulnerability could allow a malicious actor to gain increased privileges from a remote location...