Lucene search

K

Idrive Security Vulnerabilities

cve
cve

CVE-2011-5290

The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control in UniBasic100_EDA1811C.ocx in IDrive Online Backup 3.4.0 allows remote attackers to write to arbitrary files via a pathname in the first...

7AI Score

0.002EPSS

2022-10-03 04:15 PM
23
cve
cve

CVE-2021-34692

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM...

7.8CVSS

7.7AI Score

0.0004EPSS

2021-07-15 02:15 PM
20
3
cve
cve

CVE-2021-34690

iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and...

9.8CVSS

9.6AI Score

0.003EPSS

2021-07-15 02:15 PM
19
4
cve
cve

CVE-2021-34691

iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral...

7.5CVSS

7.5AI Score

0.001EPSS

2021-07-15 02:15 PM
23
2
cve
cve

CVE-2021-34688

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an...

3.3CVSS

3.8AI Score

0.0004EPSS

2021-07-15 02:15 PM
20
4
cve
cve

CVE-2021-34687

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution...

5.3CVSS

4.9AI Score

0.001EPSS

2021-07-15 02:15 PM
23
2
cve
cve

CVE-2021-34689

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log...

5.5CVSS

5.1AI Score

0.0004EPSS

2021-07-15 02:15 PM
17
5
cve
cve

CVE-2020-15351

IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. In addition, the program installs a....

7.8CVSS

7.6AI Score

0.0004EPSS

2020-06-26 07:15 PM
14