CyberSec.Space Logo
Back to CVE Browser

CVE-2014-3008

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile14.69th
PublishedApr 28, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php.

Affected Platforms (CPE)

πŸ“¦
Unitrends

Enterprise Backup

= 7.3.0

References & Advisories

πŸ”— http://seclists.org/fulldisclosure/2014/Apr/204
πŸ”— http://secunia.com/advisories/58001
πŸ”— http://www.exploit-db.com/exploits/32885
πŸ”— http://www.securityfocus.com/bid/66928
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/92642
πŸ”— https://gist.github.com/brandonprry/10745756
πŸ”— http://seclists.org/fulldisclosure/2014/Apr/204
πŸ”— http://secunia.com/advisories/58001

Related Vulnerabilities

CVE-2006-517210.0

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 throu...

CVE-2007-213910.0

Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server...

CVE-2006-517110.0

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 throu...

CVE-2007-532510.0

Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and E...