Whitebearsolutions: >> Wbsairback Security Vulnerabilities
Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended command to be modified when sent to a downstream component in WBSAirback 21.02.04.
CVSS Score
9.1
EPSS Score
0.002
Published
2024-04-15
Cross-Site Request Forgery vulnerability in WBSAirback 21.02.04, which could allow an attacker to create a manipulated HTML form to perform privileged actions once it is executed by a privileged user.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-04-15
The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system.
CVSS Score
7.7
EPSS Score
0.002
Published
2024-04-15
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVSS Score
6.6
EPSS Score
0.004
Published
2024-04-15
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device NAS shared section (/admin/DeviceNAS). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVSS Score
6.6
EPSS Score
0.004
Published
2024-04-15
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceReplication). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVSS Score
6.6
EPSS Score
0.004
Published
2024-04-15
Page 2