CVE-2017-7282

EPSS 7.53% · P92 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-7282

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered in Unitrends Enterprise Backup before 9.1.1. The function downloadFile in api/includes/restore.php blindly accepts any filename passed to /api/restore/download as valid. This allows an authenticated attacker to read any file in the filesystem that the web server has access to, aka Local File Inclusion (LFI).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Unitrends Enterprise Backup 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Unitrends Enterprise Backup是美国Unitrends公司的一套企业级数据保护软件。该软件提供数据备份、数据恢复和重复数据删除等功能。 Unitrends Enterprise Backup 9.1.1之前的版本中的api/includes/restore.php文件存在安全漏洞，该漏洞源于‘downloadFile’函数接收任意传递到/api/restore/download的文件名。攻击者可利用该漏洞读取文件系统中的任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-7282

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-7282

请登录查看更多情报信息。

Same Patch Batch · n/a · 2017-04-20 · 93 CVEs total

CVE-2016-7540		ImageMagick 安全漏洞
CVE-2016-7535		ImageMagick 安全漏洞
CVE-2016-7532		ImageMagick 安全漏洞
CVE-2016-7526		ImageMagick 缓冲区错误漏洞
CVE-2016-7525		ImageMagick 缓冲区错误漏洞
CVE-2016-7521		ImageMagick 缓冲区错误漏洞
CVE-2016-7520		ImageMagick 缓冲区错误漏洞
CVE-2016-7518		ImageMagick 安全漏洞
CVE-2016-7527		ImageMagick 缓冲区错误漏洞
CVE-2016-7538		ImageMagick 缓冲区错误漏洞
CVE-2016-7536		ImageMagick 输入验证错误漏洞
CVE-2017-5183		NetIQ Access Manager 跨站脚本漏洞
CVE-2017-5156		Schneider Electric Wonderware InTouch Access Anywhere 跨站请求伪造漏洞
CVE-2017-5158		Schneider Electric Wonderware InTouch Access Anywhere 信息泄露漏洞
CVE-2017-5160		Schneider Electric Wonderware InTouch Access Anywhere 安全漏洞
CVE-2015-8285		QuickHeal webssx.sys驱动程序缓冲区错误漏洞
CVE-2016-1161		ZOHO ManageEngine Password Manager Pro 跨站请求伪造漏洞
CVE-2016-3729		Moodle 安全漏洞
CVE-2016-3731		Moodle 安全漏洞
CVE-2016-3732		Moodle 安全漏洞

Showing top 20 of 93 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-7282

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-7282

I. Basic Information for CVE-2017-7282

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-7282

III. Intelligence Information for CVE-2017-7282

Same Patch Batch · n/a · 2017-04-20 · 93 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-7282

Leave a comment