Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
code42 code42 for enterprise vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-11551
In Code42 Enterprise and Crashplan for Small Business through Client version 6.9.1, an attacker can craft a restore request to restore a file through the Code42 app to a location they do not have privileges to write.
Code42 Crashplan For Small Business
Code42 Code42 For Enterprise
7
CVSSv3
CVE-2019-11552
Code42 Enterprise and Crashplan for Small Business Client version 6.7 prior to 6.7.5, 6.8 prior to 6.8.8, and 6.9 prior to 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privileg...
Code42 Code42 For Enterprise
Code42 Crashplan For Small Business
8.8
CVSSv3
CVE-2021-43269
In Code42 app prior to 8.8.0, eval injection allows an malicious user to change a device’s proxy configuration to use a malicious proxy auto-config (PAC) file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPl...
Code42 Code42
7.8
CVSSv3
CVE-2018-20131
The Code42 app prior to 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permissive permissions on the /usr/local/crashplan/log directory. This allows a user to manipulate symbolic links to escalate privileges, or show the contents of sensitive files that a ...
Code42 Code42
8.8
CVSSv3
CVE-2019-11553
In Code42 for Enterprise up to and including 6.8.4, an administrator without web restore permission but with the ability to manage users in an organization can impersonate a user with web restore permission. When requesting the token to do a web restore, an administrator with per...
Code42 Code42
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started