CyberSec.Space Logo
Back to CVE Browser

CVE-2015-7709

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0210%
EPSS Percentile16.82th
PublishedOct 5, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted requests involving the ARKFS_EXEC_CMD operation.

Affected Platforms (CPE)

πŸ“¦
Arkeia

Western Digital Arkeia

<= 11.0.12

References & Advisories

πŸ”— http://www.rapid7.com/db/modules/exploit/multi/misc/arkeia_agent_exec
πŸ”— https://packetstormsecurity.com/files/132660/Western-Digital-Arkeia-11.0.13-Remote-Code-Execution.html
πŸ”— https://www.exploit-db.com/exploits/37600/
πŸ”— http://www.rapid7.com/db/modules/exploit/multi/misc/arkeia_agent_exec
πŸ”— https://packetstormsecurity.com/files/132660/Western-Digital-Arkeia-11.0.13-Remote-Code-Execution.html
πŸ”— https://www.exploit-db.com/exploits/37600/

Related Vulnerabilities

CVE-2015-035210.0

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux ...

CVE-2015-304910.0

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2015-034210.0

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X a...

CVE-2015-035310.0

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux ...