CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-3008

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile14.69th
Published2014年4月28日
Last Modified2026年5月6日

Vulnerability Description

Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php.

Affected Platforms (CPE)

📦
Unitrends

Enterprise Backup

= 7.3.0

References & Advisories

🔗 http://seclists.org/fulldisclosure/2014/Apr/204
🔗 http://secunia.com/advisories/58001
🔗 http://www.exploit-db.com/exploits/32885
🔗 http://www.securityfocus.com/bid/66928
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/92642
🔗 https://gist.github.com/brandonprry/10745756
🔗 http://seclists.org/fulldisclosure/2014/Apr/204
🔗 http://secunia.com/advisories/58001

関連する脆弱性情報

CVE-2006-517210.0

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 throu...

CVE-2007-213910.0

Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server...

CVE-2006-517110.0

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 throu...

CVE-2007-532510.0

Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and E...