Haystacksoftware: Security Vulnerabilities
Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords.
CVSS Score
4.9
EPSS Score
0.001
Published
2022-09-09
The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.
CVSS Score
7.8
EPSS Score
0.005
Published
2018-01-31
The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path.
CVSS Score
7.8
EPSS Score
0.005
Published
2018-01-31