CVE-2017-7281
Last modified
CVE-2017-7281 is a vulnerability of currently unknown severity. An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A lack of sanitization of user input in the createReportName and saveReport functions in recoveryconsole/bpl/reports.php allows for an authenticated user to create a randomly named file on disk with a user-controlled extension, contents, and path, leading to remote code execution, aka Unrestricted File Upload.. EPSS estimates a 4.32% chance of exploitation in the next 30 days.
Description
An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A lack of sanitization of user input in the createReportName and saveReport functions in recoveryconsole/bpl/reports.php allows for an authenticated user to create a randomly named file on disk with a user-controlled extension, contents, and path, leading to remote code execution, aka Unrestricted File Upload.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Unitrends | Enterprise Backup | <= 9.1.1 |
References
- https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/Exploit, Third Party Advisory
- https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-7281?
How severe is CVE-2017-7281?
How do I fix CVE-2017-7281?
Are you affected by CVE-2017-7281?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST