📦 Vsa

CVE-2021-30118 is an unauthenticated arbitrary file upload vulnerability in Kaseya VSA that allows remote attackers to upload malicious ASP.NET files and execute arbitrary code with web server privile...

This vulnerability allows attackers to bypass two-factor authentication (2FA) in Kaseya VSA by manipulating client-side authentication logic. Attackers who obtain valid credentials can use a proxy to ...

This is an XML External Entity (XXE) vulnerability in Kaseya VSA's web service API that allows attackers to read arbitrary files on the server and potentially pivot into internal networks. The vulnera...