Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unitrends backup vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-43043
An issue exists in Kaseya Unitrends Backup Appliance prior to 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule.
Kaseya Unitrends Backup
7.5
CVSSv2
CVE-2021-43044
An issue exists in Kaseya Unitrends Backup Appliance prior to 10.5.5. The SNMP daemon was configured with a weak default community.
Kaseya Unitrends Backup
6.9
CVSSv2
CVE-2021-43037
An issue exists in Kaseya Unitrends Backup Appliance prior to 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM.
Kaseya Unitrends Backup
10
CVSSv2
CVE-2017-12477
It exists that the bpserverd proprietary protocol in Unitrends Backup (UB) prior to 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target ...
Kaseya Unitrends Backup
2 EDB exploits
9
CVSSv2
CVE-2017-12479
It exists that an issue in the session logic in Unitrends Backup (UB) prior to 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could t...
Kaseya Unitrends Backup
1 EDB exploit
9
CVSSv2
CVE-2021-40385
An issue exists in the server software in Kaseya Unitrends Backup Software prior to 10.5.5-2. There is a privilege escalation from read-only user to admin.
Kaseya Unitrends Backup Software
9
CVSSv2
CVE-2021-40387
An issue exists in the server software in Kaseya Unitrends Backup Software prior to 10.5.5-2. There is authenticated remote code execution.
Kaseya Unitrends Backup Software
7.5
CVSSv2
CVE-2014-3139
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote malicious users to bypass authentication by setting the auth parameter to a certain string.
Unitrends Enterprise Backup 7.3.0
1 EDB exploit
10
CVSSv2
CVE-2014-3008
Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php.
Unitrends Enterprise Backup 7.3.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3