CVE-2024-22901
CRITICALDescription
Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
Is your site exposed to CVE-2024-22901?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| vinchin | vinchin_backup_and_recovery |
References
Exploits
Other References
Frequently Asked Questions
What is CVE-2024-22901? +
How severe is CVE-2024-22901? +
What products are affected by CVE-2024-22901? +
How do I check if I'm vulnerable to CVE-2024-22901? +
Related Vulnerabilities
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNetworkCardInfo function.
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.
Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution (RCE) via the getVerifydiyResult function in …