Product
vinchin backup and recovery
9 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-25228
CVE-2024-22903
CVE-2024-22902
CVE-2024-22901
CVE-2024-22900
CVE-2024-22899
CVE-2023-45499
CVE-2023-45498
CVE-2022-35866
<= 7.2
Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution (RCE) via the getVerifydiyResult
<= 7.2
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the delete
<= 7.2
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
<= 7.2
Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
<= 7.2
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNet
<= 7.2
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNt
>= 5.0 and <= 7.0
VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain hardcoded credentials.
>= 5.0 and <= 7.0
VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain a command injection vulnerability.
all versions
This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0