Arkeia: Security Vulnerabilities
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted requests involving the ARKFS_EXEC_CMD operation.
CVSS Score
10.0
EPSS Score
0.884
Published
2015-10-05
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.
CVSS Score
9.8
EPSS Score
0.026
Published
2005-02-21
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password guessing.
CVSS Score
9.8
EPSS Score
0.004
Published
2001-08-31