Privilege escalation

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 39900...

CVE-2022-44746

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40107...

CVE-2022-44746

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40107...

CVE-2022-44746

The CVE-2022-44746 issue affects Acronis Cyber Protect Home Office for Windows prior to build 40107 . The root cause is insecure folder permissions that can lead to sensitive information disclosure . Public documentation from multiple sources confirms affected versions and the same remediation: u...

CVE-2022-44733

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 39900...

CVE-2022-44733

CVE-2022-44733 affects Acronis Cyber Protect Home Office for Windows prior to build 39900. The vulnerability is a local privilege escalation caused by insecure folder permissions in the product’s installation or runtime environment. Documented impact: confidentiality, integrity, and availability ...

CVE-2022-44732

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 39900...

CVE-2022-44732

CVE-2022-44732 is a local privilege escalation affecting Acronis Cyber Protect Home Office for Windows prior to build 39900. The root cause is insecure folder permissions that allow a low-privilege user to escalate privileges. The vulnerability is documented with a base score of 7.8 (NVD) and 7.3...

CVE-2022-44732

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 39900...

Acronis Cyber Protect 安全漏洞

Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, network security, and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security...

Acronis Cyber Protect 安全漏洞

Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, network security, and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security...

PT-2022-27289 · Acronis · Acronis Cyber Protect Home Office

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Home Office Windows versions prior to build 39900 Description: The issue is related to local privilege escalation due to insecure folder permissions. Recommendations: For versions prior to build 39900, update to build...

Acronis Cyber Protect 安全漏洞

Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, network security, and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security...

CVE-2021-45446

A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located inside the directory...

Directory traversal

A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located inside the directory...

Vagrant Synced Folder Vagrantfile Breakout Exploit

This Metasploit module exploits a default Vagrant synced folder shared folder to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared folders, Vagrant mounts the project directory on the host as a writable vagrant...

Vagrant Synced Folder Vagrantfile Breakout

This module exploits a default Vagrant synced folder shared folder to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared folders, Vagrant mounts the project directory on the host as a writable 'vagrant' directory o...

Vagrant Synced Folder Vagrantfile Breakout

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vagrant Synced Folder Vagrantfile Breakout', 'Description' = %q This module exploits a default Vagrant synced folder shared folder to append a Ru...

Dell GeoDrive License Issues Vulnerabilities

Dell GeoDrive is a free application from Dell, Inc. It provides access to Dell EMC ECS and Atmos storage from Microsoft Windows desktops and servers. An authorization issue vulnerability exists in Dell GeoDrive versions prior to 2.2.3. The vulnerability stems from the inclusion of insecure file a...

Design/Logic Flaw

Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell recommends customers to upgrade at the earlie...