Wbsairback Security Vulnerabilities and Issues — Wbsairback CVE List

Lucene search

WhitebearsolutionsWbsairback

6 matches found

CVE•added 2024/04/15 2:15 p.m.•61 views

CVE-2024-3781

Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended command to be modified when sent to a downstream component in WBSAirback 21.02.04.

9.1CVSS7.2AI score0.00242EPSS

CVE•added 2024/04/15 2:15 p.m.•58 views

CVE-2024-3784

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.

6.6CVSS7.5AI score0.00354EPSS

CVE•added 2024/04/15 2:15 p.m.•54 views

CVE-2024-3786

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceReplication). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.

6.6CVSS7.5AI score0.00354EPSS

CVE•added 2024/04/15 2:15 p.m.•53 views

CVE-2024-3782

Cross-Site Request Forgery vulnerability in WBSAirback 21.02.04, which could allow an attacker to create a manipulated HTML form to perform privileged actions once it is executed by a privileged user.

8.8CVSS6.6AI score0.00136EPSS

CVE•added 2024/04/15 2:15 p.m.•50 views

CVE-2024-3783

The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system.

7.7CVSS6.7AI score0.00151EPSS

CVE•added 2024/04/15 2:15 p.m.•44 views

CVE-2024-3785

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device NAS shared section (/admin/DeviceNAS). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.

6.6CVSS7.5AI score0.00354EPSS