Lucene search
K

41 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.11 views

CVE-2023-45498

VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain a command injection vulnerability...

9.8CVSS7.8AI score0.20477EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.8 views

CVE-2023-45499

VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain hardcoded credentials...

9.8CVSS7.3AI score0.07887EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-20425

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01883EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2025/05/23 9:35 a.m.9 views

CVE-2024-22900

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the setNetworkCardInfo function...

8.8CVSS8.2AI score0.01883EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:35 a.m.18 views

CVE-2024-22901

Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials...

9.8CVSS7.1AI score0.01101EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:35 a.m.8 views

CVE-2024-22899

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the syncNtpTime function...

8.8CVSS8.1AI score0.02369EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.10 views

CVE-2024-22903

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the deleteUpdateAPK function...

8.8CVSS8.1AI score0.01861EPSS
Exploits4References1
BDU FSTEC
BDU FSTEC
added 2024/04/03 12:0 a.m.8 views

The vulnerability of the getVerifydiyResult function in the SystemHandler.class.php script of the backup and recovery software Vinchin Backup & Recovery allows a perpetrator to execute arbitrary code.

The vulnerability of the getVerifydiyResult function in the SystemHandler.class.php script of the Vinchin Backup & Recovery software relates to the lack of measures taken to clean data at the control level. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

9CVSS5.9AI score0.25887EPSS
Exploits2References4Affected Software1
Packet Storm
Packet Storm
added 2024/03/14 12:0 a.m.224 views

Vinchin Backup And Recovery 7.2 Command Injection

CVE ID: CVE-2024-25228 Title: Authenticated Command Injection Vulnerability in ManoeuvreHandler.class.php of Vinchin Backup & Recovery Versions 7.2 and Earlier Description: A critical security vulnerability has been discovered in the getVerifydiyResult function within the ManoeuvreHandler.class.p...

7.4AI score0.25887EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2024/02/09 12:0 a.m.6 views

The vulnerability of the Vinchin Backup & Recovery software regarding backup and restoration, related to the lack of measures for cleaning input data, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Vinchin Backup & Recovery software regarding backup and restoration involves a lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary commands...

10CVSS8.1AI score0.20477EPSS
Exploits3References6Affected Software1
NVD
NVD
added 2024/02/02 2:15 a.m.31 views

CVE-2024-22901

Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials...

9.8CVSS9.6AI score0.01101EPSS
Exploits3References5
NVD
NVD
added 2024/02/02 2:15 a.m.38 views

CVE-2024-22902

Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...

9.8CVSS9.6AI score0.01147EPSS
Exploits4References6
Prion
Prion
added 2024/02/02 2:15 a.m.24 views

Remote code execution

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the deleteUpdateAPK function...

6.5CVSS8.4AI score0.01861EPSS
Exploits4References3Affected Software1
Prion
Prion
added 2024/02/02 2:15 a.m.16 views

Default credentials

Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...

7.5CVSS7.4AI score0.01147EPSS
Exploits4References4Affected Software1
Prion
Prion
added 2024/02/02 2:15 a.m.16 views

Default credentials

Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials...

7.5CVSS7.4AI score0.01101EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2024/02/02 12:0 a.m.62 views

CVE-2024-22900

CVE-2024-22900 affects Vinchin Backup & Recovery (versions 7.2 and earlier). An authenticated attacker can trigger command injection via the setNetworkCardInfo(NAME) path, where user-supplied NAME is used in system commands, enabling remote code execution. Public writeups describe exploitation th...

8.8CVSS9AI score0.01883EPSS
Exploits3References5Affected Software1
Cvelist
Cvelist
added 2024/02/02 12:0 a.m.38 views

CVE-2024-22901

Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials...

9.7AI score0.01101EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/02/02 12:0 a.m.9 views

CVE-2024-22903

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the deleteUpdateAPK function...

8.1AI score0.01861EPSS
Exploits4References2
Vulnrichment
Vulnrichment
added 2024/02/02 12:0 a.m.4 views

CVE-2024-22900

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the setNetworkCardInfo function...

9.1AI score0.01883EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/02/02 12:0 a.m.13 views

CVE-2024-22899

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the syncNtpTime function...

8.4AI score0.02369EPSS
Exploits4References2
Rows per page
Query Builder