Vulners
Lucene search
Vinchin Backup And Recovery 7.2 SystemHandler.class.php Command Injection Vulnerability
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | The vulnerability of the deleteUpdateAPK() function in the Vinchin Backup & Recovery software allows a hacker to execute arbitrary commands. | 9 Feb 202400:00 | – | bdu_fstec |
 | CVE-2024-22903 | 2 Feb 202403:22 | – | circl |
 | Vinchin Backup and Recovery Security Vulnerabilities | 2 Feb 202400:00 | – | cnnvd |
 | CVE-2024-22903 | 2 Feb 202400:00 | – | cve |
 | CVE-2024-22903 | 2 Feb 202400:00 | – | cvelist |
 | EUVD-2024-20428 | 3 Oct 202520:07 | – | euvd |
 | Exploit for Code Injection in Vinchin Vinchin_Backup_And_Recovery | 6 Nov 202309:24 | – | githubexploit |
 | CVE-2024-22903 | 2 Feb 202402:15 | – | nvd |
 | CVE-2024-22903 | 2 Feb 202402:15 | – | osv |
 | Vinchin Backup And Recovery 7.2 SystemHandler.class.php Command Injection | 26 Jan 202400:00 | – | packetstorm |
10
CVE ID: CVE-2024-22903
Title: Command Injection Vulnerability in SystemHandler.class.php of Vinchin Backup & Recovery Versions 7.2 and Earlier
Description:
A significant security vulnerability, CVE-2024-22903, has been identified in the `deleteUpdateAPK` function within the `SystemHandler.class.php` file of Vinchin Backup & Recovery software, affecting versions 7.2 and earlier. This function, designed to delete APK files, is prone to a command injection vulnerability due to improper handling of input parameters.
Function Analysis:
- The function extracts `md5` and `file_name` parameters from user input.
- It includes a check for an empty `file_name`, but lacks adequate validation or sanitization for the input used in constructing system commands.
- The command to delete the specified APK file, built using the `file_name` parameter, is executed via the `exec` function, leading to a security vulnerability.
Exploitation Risk:
Attackers can exploit this flaw by inserting malicious commands in the `file_name` parameter. When this parameter is processed by the vulnerable function, the injected commands are executed on the server, presenting a severe risk of unauthorized access or control.
Current Status:
As of the latest information, there is no known patch available for this vulnerability in versions 7.2 and earlier of Vinchin Backup & Recovery.
Recommendation:
Users are urged to be vigilant and to monitor Vinchin for any security updates. Until a patch is released, implementing additional security controls and closely monitoring system activity is crucial for mitigating the risk posed by this vulnerability.
Signed,Valentin Lobstein
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Jan 2024 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.18.8
EPSS0.03859
SSVC