6 matches found
CVE-2023-45499
VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain hardcoded credentials...
Vinchin Backup And Recovery Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0., v6.0., v6.7., and v7.0.. Due to insufficient input validation in the checkIpExists API endpoint, an attacker can execute arbitrary commands as the web server user. This module requires Metasploit...
CVE-2023-45499
creationtimestamp| type| source ---|---|--- 2023-12-20 18:17:22+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vinchinbackuprecoverycmdinject.rb 2023-12-22 19:31:15+00:00| seen| https://t.me/arpsyndicate/2065 2023-12-28 13:03:10+00:00|...
CVE-2023-45499
VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain hardcoded credentials...
CVE-2023-45499
CVE-2023-45499 affects VinChin Backup & Recovery v5.0., v6.0. , v6.7., and v7.0. . Multiple connected sources confirm a hardcoded-credentials flaw in these versions, posing confidentiality, integrity, and availability risks. Red Hat and CNNVD entries corroborate the issue; Rapid7/Metasploit refer...
CVE-2023-45499
VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain hardcoded credentials...