ГлавнаяУязвимости → CVE-2024-22901
9.8критическая

CVE-2024-22901

→ есть в БДУ: BDU:2024-01304 (на русском)
Описание (на английском; русское — в БДУ выше)

Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.

Затрагиваемое ПО
Vinchin Vinchin backup and recovery
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/https://seclists.org/fulldisclosure/2024/Jan/30http://packetstormsecurity.com/files/176794/Vinchin-Backup-And-Recovery-7.2-Default-MySQL-Credentials.htmlhttp://seclists.org/fulldisclosure/2024/Jan/30https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/https://seclists.org/fulldisclosure/2024/Jan/30