Vulnerability Details CVE-2024-22903
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 83.0%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-22903
-
cpe:2.3:a:vinchin:vinchin_backup_and_recovery:5.0
-
cpe:2.3:a:vinchin:vinchin_backup_and_recovery:6.0
-
cpe:2.3:a:vinchin:vinchin_backup_and_recovery:6.5.0.17561
-
cpe:2.3:a:vinchin:vinchin_backup_and_recovery:6.7
-
cpe:2.3:a:vinchin:vinchin_backup_and_recovery:7.0
-
cpe:2.3:a:vinchin:vinchin_backup_and_recovery:7.2