283 matches found
Remote code execution
An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable...
CVE-2017-7281
An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A lack of sanitization of user input in the createReportName and saveReport functions in recoveryconsole/bpl/reports.php allows for an authenticated user to create a randomly named file on disk with a user-controlled extension,...
CVE-2017-7284
An attacker that has hijacked a Unitrends Enterprise Backup before 9.1.2 web server session can leverage api/includes/users.php to change the password of the logged in account without knowing the current password. This allows for an account takeover...
CVE-2017-7280
An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable...
CVE-2017-7279
An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login...
CVE-2017-7279
CVE-2017-7279 affects Unitrends Enterprise Backup before 9.0.0. An unprivileged user can escalate to root by modifying the login session cookie named “token” on the web server. Root cause: inadequate protection/verification of the authentication token cookie. Impact: full root privileges on the a...
CVE-2017-7284
The CVE-2017-7284 entry describes a vulnerability in Unitrends Enterprise Backup (pre-9.1.2) where an attacker who has hijacked a web session can use api/includes/users.php to change the password of the currently logged-in account without knowing the existing password, enabling account takeover. ...
CVE-2017-7281
CVE-2017-7281 affects Unitrends Enterprise Backup prior to 9.1.2. The vulnerability is due to unsanitized user input in recoveryconsole/bpl/reports.php (createReportName and saveReport), allowing an authenticated user to create a file on disk with a user-controlled extension, content, and path, r...
CVE-2017-7280
Unitrents Enterprise Backup (before 9.0.0) contains a remote code execution vulnerability in api/includes/systems.php where user input is not properly filtered before passing to a popen call. This allows an attacker to craft a payload via user variables, leading to code execution. Products affect...
Kaseya Unitrends Detection (HTTP)
HTTP based detection of Kaseya Unitrends. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...
Unitrends < 9.1.2 Multiple Vulnerabilities
Unitrends is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE
No description provided by source...
CVE-2014-3139
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string...
Authentication flaw
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string...
CVE-2014-3139
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string...
CVE-2014-3008
Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php...
Code injection
Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php...
CVE-2014-3008
Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php...
CVE-2014-3008
Unitrends Enterprise Backup 7.3.0 is affected by multiple vulnerabilities, including remote code execution and an authentication bypass. The CVE-2014-3008 entry documents that remote authenticated users can execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconso...
Unitrends Unauthenticated Root Command Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Unitrends Unauthenticated Root RCE", 'Description' = %q , 'License' = MSFLICENSE, 'Author' = 'Brandon Perry ' discovery/metasploit...