Cobiansoft: Security Vulnerabilities
Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-12-22
Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-12-22
Cobian Backup 11 client allows man-in-the-middle attackers to add and execute new backup tasks when the master server is spoofed. In addition, the attacker can execute system commands remotely by abusing pre-backup events.
CVSS Score
8.1
EPSS Score
0.006
Published
2017-07-17