7 matches found
Unitrends < 10.0.0 Multiple Vulnerabilities
Unitrends UEB is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Unitrends UEB 9.1 - Privilege Escalation Exploit
Exploit for php platform in category web applications Exploit Title: Authenticated lowpriv RCE for Unitrends UEB 9.1 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage:...
Unitrends UEB 9.1 Privilege Escalation
Exploit Title: Authenticated lowpriv RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...
Unitrends UEB 9.1 - Privilege Escalation
Unitrends UEB 9.1 - Privilege Escalation Exploit Title: Authenticated lowpriv RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage:...
Unitrends UEB 9.1 - Privilege Escalation
Exploit Title: Authenticated lowpriv RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...
CVE-2017-12479
creationtimestamp| type| source ---|---|--- 2017-08-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42959...
CVE-2017-12479
CVE-2017-12479 – Unitrends Backup : Affects UB prior to 10.0.0. The issue is in session handling, where an attacker with existing low-privilege credentials can leverage the LOGDIR environment variable during a web session to elevate to root and execute arbitrary commands with root privileges. Thi...