Vinchin: >> Vinchin Backup And Recovery >> 7.2 Security Vulnerabilities
Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution (RCE) via the getVerifydiyResult function in ManoeuvreHandler.class.php.
CVSS Score
8.8
EPSS Score
0.431
Published
2024-03-14
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.
CVSS Score
8.8
EPSS Score
0.16
Published
2024-02-02
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNetworkCardInfo function.
CVSS Score
8.8
EPSS Score
0.02
Published
2024-02-02
Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-02
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-02
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.
CVSS Score
8.8
EPSS Score
0.02
Published
2024-02-02