Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitdefender update server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an malicious user to cause a Denial-of-Service. This issue affects: Bitdefender Upda...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone
Bitdefender Update Server
6.4
CVSSv2
CVE-2020-15297
Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions before 6.6.20.294 allows an unprivileged malicious user to bypass the in-place mitigations and interact with hosts on the network. This issue affects...
Bitdefender Update Server
7.8
CVSSv2
CVE-2008-0396
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote malicious users to read arbitrary files via .. (dot dot) sequences in an HTTP request.
Bitdefender Update Server
1 EDB exploit
5
CVSSv2
CVE-2014-5350
Multiple directory traversal vulnerabilities in Bitdefender GravityZone prior to 5.1.11.432 allow remote malicious users to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2E%2E (encoded dot dot)...
Bitdefender Gravityzone
1 EDB exploit
NA
CVE-2024-2223
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an malicious user to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint ...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started