CVE-2021-43033— Unitrends Backup 操作系统命令注入漏洞

N/A

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in the bpserverd daemon were vulnerable to arbitrary remote code execution as root. The vulnerability was caused by untrusted input (received by the server) being passed to system calls.

N/A

N/A

Unitrends Backup 操作系统命令注入漏洞

Unitrends Backup是消除数据丢失、 勒索软件和风险。 Unitrends Backup存在操作系统命令注入漏洞，该漏洞源于在10.5.5之前在Kaseya Unitrends备份设备中发现了一个问题。bpserverd守护进程中的多个函数容易受到作为根的任意远程代码执行的影响。该漏洞是由传递给系统调用的不可信输入(由服务器接收)引起的。

N/A

N/A