Shodan
Vulnerabilities
Vulnerable Software
Vinchin:  >> Vinchin Backup And Recovery  >> 7.0  Security Vulnerabilities
CVE-2024-25228
Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution (RCE) via the getVerifydiyResult function in ManoeuvreHandler.class.php.
CVSS Score
8.8
EPSS Score
0.431
Published
2024-03-14
CVE-2024-22899
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.
CVSS Score
8.8
EPSS Score
0.16
Published
2024-02-02
CVE-2024-22900
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNetworkCardInfo function.
CVSS Score
8.8
EPSS Score
0.02
Published
2024-02-02
CVE-2024-22901
Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-02
CVE-2024-22902
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-02
CVE-2024-22903
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.
CVSS Score
8.8
EPSS Score
0.02
Published
2024-02-02
CVE-2023-45498
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain a command injection vulnerability.
CVSS Score
9.8
EPSS Score
0.795
Published
2023-10-27
CVE-2023-45499
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded credentials.
CVSS Score
9.8
EPSS Score
0.695
Published
2023-10-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved