Lucene search
+L

812 matches found

nuclei
nuclei
added 11 hours ago25 views

Arcserve UDP <= 9.0.6034 - Authentication Bypass

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute a...

9.8CVSS7.1AI score0.37715EPSS
Exploits2References2
nuclei
nuclei
added 11 hours ago14 views

Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. id: CVE-2024-0801 info: name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll author: daffainfo severity: high description: | A denial of service vulnerability exists i...

7.5CVSS7AI score0.41843EPSS
Exploits1References2
nuclei
nuclei
added 11 hours ago31 views

Arcserve Unified Data Protection - Authentication Bypass

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...

9.8CVSS7.1AI score0.04342EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/06/05 7:26 p.m.12 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS6.5AI score0.00178EPSS
Exploits0References1
jvn
jvn
added 2026/04/16 8:29 a.m.8 views

Arcserve UDP Console vulnerable to redirect to a dummy URL

Overview UDP Console provided by Arcserve contains the following vulnerability. Incorrectly specified destination in a communication channel CWE-941 - CVE-2026-40118 Shingo Ando reported this vulnerability to IPA, IPA reported it to Arcserve, and JPCERT/CC coordinated with Arcserve to publish the...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References4
euvd
euvd
added 2026/04/16 6:31 a.m.7 views

EUVD-2026-23192

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS5.8AI score0.00178EPSS
Exploits0References3
nvd
nvd
added 2026/04/16 5:16 a.m.5 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS0.00178EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/16 4:19 a.m.4 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References2
cve
cve
added 2026/04/16 4:19 a.m.17 views

CVE-2026-40118

CVE-2026-40118 involves Arcserve’s UDP Console. The issue is an incorrectly specified destination in a communication channel: if a user configures the activation server hostname to a dummy URL, the product may contact that dummy domain, potentially causing information disclosure. The provided doc...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/16 4:19 a.m.5 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS5.8AI score0.00178EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/04/16 4:19 a.m.27 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS0.00178EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/16 12:0 a.m.8 views

PT-2026-33258

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS5.8AI score0.00178EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/04/16 12:0 a.m.11 views

Arcserve UDP Console 安全漏洞

Arcserve UDP Console is a data protection management console developed by the American company Arcserve. There are security vulnerabilities in Arcserve UDP Console. These vulnerabilities stem from incorrect target designation in the communication channel, which may lead to unexpected communicatio...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 12:10 p.m.9 views

CVE-2018-18657

An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue...

7.5CVSS6.9AI score0.01337EPSS
Exploits0References1
nessus
nessus
added 2025/10/28 12:0 a.m.3 views

Arcserve UDP < 5.0 Update 4 Directory Traversal

The Arcserve Unified Data Protection UDP application running on the remote host is affected by a directory traversal vulnerability. An unauthenticated, remote attacker can exploit this, via a crafted file path to the 1 reportFileServlet or 2 exportServlet servlet, to obtain sensitive information ...

9.4CVSS5.6AI score0.63643EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-2949

Malware in sbrugna...

7.5CVSS6.1AI score0.04053EPSS
Exploits4References9
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4381

Malware in sbrugna...

5CVSS6.4AI score0.03382EPSS
Exploits1References8
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3960

Malware in sbrugna...

7.5CVSS6.4AI score0.0532EPSS
Exploits0References8
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-4379

Malware in sbrugna...

5CVSS6.2AI score0.08232EPSS
Exploits1References8
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2001-0942

Malware in sbrugna...

10CVSS6.4AI score0.03364EPSS
Exploits0References5
Rows per page
Query Builder