9 matches found
Veeam ONE Agent .NET Deserialization Exploit
This Metasploit module exploits a .NET deserialization vulnerability in the Veeam ONE Agent before the hotfix versions 9.5.5.4587 and 10.0.1.750 in the 9 and 10 release lines. Specifically, the module targets the HandshakeResult method used by the Agent. By inducing a failure in the handshake, th...
Veeam ONE Agent .NET Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veeam ONE Agent .NET Deserialization', 'Description' = %q This module exploits a .NET deserialization vulnerability in the Veeam ONE Agent before...
Veeam ONE Agent .NET Deserialization
This module exploits a .NET deserialization vulnerability in the Veeam ONE Agent before the hotfix versions 9.5.5.4587 and 10.0.1.750 in the 9 and 10 release lines. Specifically, the module targets the HandshakeResult method used by the Agent. By inducing a failure in the handshake, the Agent wil...
CVE-2020-10915
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper...
Deserialization of untrusted data
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper...
CVE-2020-10915
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper...
CVE-2020-10915 Preauth RCE in VEEAM One Agent
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper...
Veeam One Agent Code Issue Vulnerability
Veeam One Agent is a data protection and disaster recovery solution for physical and virtual machines from Veeam Switzerland. A code issue vulnerability exists in the HandshakeResult method in Veeam One Agent version 9.5.4.4587, which stems from the program failing to properly validate...
Veeam ONE HandshakeResult Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Veeam ONE. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper validation of...