Skip to main content

Unitrends Backup

16 CVEs product

Monthly

CVE-2021-43044 CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Unitrends Backup
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-43043 MEDIUM POC This Month

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Apache Information Disclosure Unitrends Backup
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-43042 CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Unitrends Backup
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2021-43041 HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Unitrends Backup
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-43040 HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Unitrends Backup
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-43039 MEDIUM POC This Month

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Unitrends Backup
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-43038 HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation PostgreSQL Unitrends Backup
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-43037 HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation Unitrends Backup
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43036 CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PostgreSQL Brute Force Unitrends Backup
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-43035 CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PostgreSQL RCE Unitrends Backup
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-43034 HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apache Privilege Escalation RCE Unitrends Backup
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-43033 CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Unitrends Backup
NVD
CVSS 3.1
9.8
EPSS
6.0%
CVE-2018-6328 CRITICAL POC THREAT Emergency

It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, which then could allow an unauthenticated user to inject arbitrary commands into. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Unitrends Backup
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
65.5%
CVE-2017-12479 HIGH POC THREAT Act Now

It was discovered that an issue in the session logic in Unitrends Backup (UB) before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.5%.

Information Disclosure Unitrends Backup
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
13.5%
CVE-2017-12478 CRITICAL POC THREAT Emergency

It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.6%.

Authentication Bypass Unitrends Backup
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
81.6%
Threat
5.9
CVE-2017-12477 CRITICAL POC THREAT Emergency

It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 76.0%.

Authentication Bypass Unitrends Backup
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
76.0%
Threat
5.7
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Unitrends Backup
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Apache Information Disclosure Unitrends Backup
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Unitrends Backup
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Unitrends Backup
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Unitrends Backup
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Unitrends Backup
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation PostgreSQL Unitrends Backup
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation Unitrends Backup
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PostgreSQL Brute Force +1
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PostgreSQL RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apache Privilege Escalation RCE +1
NVD
EPSS 6% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Unitrends Backup
NVD
EPSS 66% CVSS 9.8
CRITICAL POC THREAT Emergency

It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, which then could allow an unauthenticated user to inject arbitrary commands into. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Unitrends Backup
NVD Exploit-DB
EPSS 13% CVSS 8.8
HIGH POC THREAT Act Now

It was discovered that an issue in the session logic in Unitrends Backup (UB) before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.5%.

Information Disclosure Unitrends Backup
NVD Exploit-DB
EPSS 82% 5.9 CVSS 9.8
CRITICAL POC THREAT Emergency

It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.6%.

Authentication Bypass Unitrends Backup
NVD Exploit-DB
EPSS 76% 5.7 CVSS 9.8
CRITICAL POC THREAT Emergency

It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 76.0%.

Authentication Bypass Unitrends Backup
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy