📦 Unitrends Backup

CVE-2021-40386 is a critical remote code execution vulnerability in Kaseya Unitrends Client/Agent software. Attackers can exploit this to execute arbitrary code on affected systems, potentially gainin...

CVE-2021-43033 is a critical remote code execution vulnerability in Kaseya Unitrends Backup Appliance's bpserverd daemon that allows attackers to execute arbitrary commands as root. The vulnerability ...

Two unauthenticated SQL injection vulnerabilities in Kaseya Unitrends Backup Appliance allow attackers to execute arbitrary SQL queries as the postgres superuser. This leads to remote code execution a...

A buffer overflow vulnerability in the vaultServer component of Kaseya Unitrends Backup Appliance allows remote unauthenticated attackers to execute arbitrary code or cause denial of service. This aff...

Kaseya Unitrends Backup Appliance versions before 10.5.5 use a weak default SNMP community string, allowing attackers to read and potentially modify SNMP data. This affects all deployments using defau...

CVE-2021-43037 is a privilege escalation vulnerability in Kaseya Unitrends Backup Appliance Windows agent due to insecure default permissions that allow DLL injection and binary planting. An unprivile...

This vulnerability in Kaseya Unitrends Backup Appliance allows privileged vaultServer processes to create arbitrary writable files, enabling attackers to escalate privileges. It affects organizations ...