4 matches found
CVE-2023-45498
VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain a command injection vulnerability...
Vinchin Backup And Recovery Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0., v6.0., v6.7., and v7.0.. Due to insufficient input validation in the checkIpExists API endpoint, an attacker can execute arbitrary commands as the web server user. This module requires Metasploit...
CVE-2023-45498
creationtimestamp| type| source ---|---|--- 2023-12-20 18:17:22+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vinchinbackuprecoverycmdinject.rb 2023-12-22 19:41:28+00:00| seen| https://t.me/arpsyndicate/2066 2023-12-28 13:03:10+00:00|...
CVE-2023-45498
CVE-2023-45498 affects VinChin Backup & Recovery v5.0., v6.0. , v6.7., and v7.0. due to a command-injection vulnerability from insufficient input validation in the vulnerable API (checkIpExists). This allows remote arbitrary command execution as the web server user, with high impact on confidenti...