CVE-2024-22901 - OpenCVE

Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.

No CVSS v3.0

No CVSS v2

Vendors	Products
Vinchin	Vinchin Backup And Recovery

Configuration 1 [-]

cpe:2.3:a:vinchin:vinchin_backup_and_recovery:*:*:*:*:*:*:*:*

References

Link	Resource
http://vinchin.com	Product
https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/	Exploit Third Party Advisory
https://seclists.org/fulldisclosure/2024/Jan/30	Mailing List Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2024-02-02T00:00:00

Updated: 2024-02-02T02:03:44.216434

Reserved: 2024-01-11T00:00:00

Link: CVE-2024-22901

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-02-02T02:15:18.177

Modified: 2024-02-07T17:37:28.593

Link: CVE-2024-22901

JSON object: View

Redhat Information

No data.

CWE