Cale Smith

**Name of the Vulnerable Software and Affected Versions** Unitrends Backup versions prior to 10.1.0 **Description** The issue allows an unauthenticated user to bypass authentication and inject arbitrary commands into the `parameters` using backquotes in the "/api/hosts" API endpoint. **Recommendations** For versions prior to 10.1.0, update to version 10.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Unitrends Backup versions prior to 10.1.0 **Description** A security issue was found where the authentication in libbpext.so could be bypassed using a SQL injection, allowing a remote attacker to potentially place a privilege escalation exploit on the system and execute arbitrary commands. **Recommendations** For versions prior to 10.1.0, update to version 10.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Unitrends Backup versions prior to 10.0.0 **Description** The issue is related to the `api/storage` web interface, where an input parameter was not validated, allowing a remote attacker to bypass authentication and execute arbitrary commands with root privilege on the target system. This flaw is associated with deficiencies in the authentication procedure, which can be exploited by a remote attacker to bypass authentication or execute arbitrary commands with root privileges. **Recommendations** For versions prior to 10.0.0, update to version 10.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `api/storage` web interface to minimize the risk of exploitation. Avoid using unvalidated input parameters in the `api/storage` interface until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Unitrends Backup versions prior to 10.0.0 **Description** The issue is related to the bpserverd proprietary protocol in Unitrends Backup, which can be invoked through xinetd. It has been discovered that the authentication in this protocol can be bypassed. A remote attacker could exploit this issue to execute arbitrary commands with root privilege on the target system. The vulnerability is associated with weaknesses in the authentication procedure, allowing a remote attacker to bypass authentication or execute commands with root privileges. **Recommendations** For versions prior to 10.0.0, update to version 10.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the xinetd service to minimize the risk of exploitation.