Unitrends Backup vulnerabilities
2 known vulnerabilities affecting unitrends/backup.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2018-6329P1CRITICALCVSS 9.8PoCfixed in 10.1.102018-03-14
CVE-2018-6329 [CRITICAL] CWE-89 CVE-2018-6329: It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpext.so authentication could be b
It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpext.so authentication could be bypassed with a SQL injection, allowing a remote attacker to place a privilege escalation exploit on the target system and subsequently execute arbitrary commands.
nvd
CVE-2020-8427P3CRITICALCVSS 9.8fixed in 10.4.12020-02-17
CVE-2020-8427 [CRITICAL] CWE-89 CVE-2020-8427: In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing fo
In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass.
nvd