CVE-2018-20013

Name of the Vulnerable Software and Affected Versions UrBackup version 2.2.6

Description The issue allows an attacker to send a malformed request to the client over the network, triggering a metadata id!=0 assertion in fileservplugin/CClientThread.cpp CClientThread::ProcessPacket, which leads to the client application shutting down.

Recommendations For UrBackup version 2.2.6, as a temporary workaround, consider restricting access to the client application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.