CVE-2017-12477

Published: 07/08/2017 Updated: 16/12/2021
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The bpserverd proprietary protocol in Unitrends Backup (UB) prior to 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system.

Vulnerable Product

kaseya unitrends backup

Exploits

# Exploit Title: Unauthenticated root RCE for Unitrends UEB 91
# Date: 08/08/2017
# Exploit Authors: Jared Arave, Cale Smith, Benny Husted
# Contact: twitter.com/iotennui || twitter.com/BennyHusted || twitter.com/0xC413
# Vendor Homepage: www.unitrends.com/
# Software Link: www.unitrends.com/download/enterpr ...

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
  Rank = ExcellentRanking
  include Msf::Exploit::Remote::Tcp
  include Msf::Exploit::CmdStager
  def initialize(info = {})
    super(update_info(info, 'N ...

It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system ...
Unitrends UEB version 91 bpserverd remote command execution exploit ...