CVE-2024-3781
- EPSS 0.33%
- Veröffentlicht 15.04.2024 14:15:08
- Zuletzt bearbeitet 10.04.2025 18:42:29
Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended command to be modified when sent to a downstream component in WBSAirback 21.02.04.
CVE-2024-3782
- EPSS 0.16%
- Veröffentlicht 15.04.2024 14:15:08
- Zuletzt bearbeitet 10.04.2025 19:54:59
Cross-Site Request Forgery vulnerability in WBSAirback 21.02.04, which could allow an attacker to create a manipulated HTML form to perform privileged actions once it is executed by a privileged user.
CVE-2024-3783
- EPSS 0.21%
- Veröffentlicht 15.04.2024 14:15:08
- Zuletzt bearbeitet 10.04.2025 20:20:37
The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system.
CVE-2024-3784
- EPSS 0.48%
- Veröffentlicht 15.04.2024 14:15:08
- Zuletzt bearbeitet 27.02.2025 15:34:49
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVE-2024-3785
- EPSS 0.48%
- Veröffentlicht 15.04.2024 14:15:08
- Zuletzt bearbeitet 10.04.2025 14:28:44
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device NAS shared section (/admin/DeviceNAS). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVE-2024-3786
- EPSS 0.48%
- Veröffentlicht 15.04.2024 14:15:08
- Zuletzt bearbeitet 10.04.2025 14:28:32
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceReplication). Exploitation of this vulnerability could allow a remote user to execute arbitrary ...