Directadmin · CVE-2024-34014
Name of the Vulnerable Software and Affected Versions:
Acronis Backup plugin for cPanel & WHM (Linux) versions before build 818
Acronis Backup extension for Plesk (Linux) versions before build 599
Acronis Backup plugin for DirectAdmin (Linux) versions before build 181
Description:
Improper symbolic link handling during recovery allows arbitrary files to be overwritten. This can allow a remote attacker to elevate their privileges.
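The description names the bug class without implementation detail. As an added example (not Acronis code, not part of this advisory, and not a description of the plugin's internals), this shows one way a recovery routine on Linux can refuse to write through symbolic links; `safe_restore`, `demo` and every path in it are hypothetical and the scenario is constructed.

```python
import os
import tempfile

def safe_restore(root, relpath, data):
    """Write data to root/relpath, refusing to traverse or overwrite any symlink."""
    parts = [p for p in relpath.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        raise ValueError("unsafe relative path: %r" % relpath)
    dir_fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for name in parts[:-1]:
            try:
                os.mkdir(name, 0o700, dir_fd=dir_fd)
            except FileExistsError:
                pass
            # O_NOFOLLOW: the open fails if this path component is a symlink
            nxt = os.open(name, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=dir_fd)
            os.close(dir_fd)
            dir_fd = nxt
        # Same rule for the file itself: an existing symlink is never written through
        fd = os.open(parts[-1], os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW,
                     0o600, dir_fd=dir_fd)
        with os.fdopen(fd, "wb") as f:
            f.write(data)
    finally:
        os.close(dir_fd)

def demo():
    """Constructed scenario: the restore root holds symlinks pointing outside it."""
    with tempfile.TemporaryDirectory() as tmp:
        root, victim = os.path.join(tmp, "home"), os.path.join(tmp, "victim.conf")
        os.mkdir(root)
        with open(victim, "wb") as f:
            f.write(b"original")
        os.symlink(victim, os.path.join(root, "index.html"))  # file symlink
        os.symlink(tmp, os.path.join(root, "logs"))           # directory symlink
        results = {}
        for rel in ("index.html", "logs/victim.conf", "site/page.html"):
            try:
                safe_restore(root, rel, b"restored")
                results[rel] = "written"
            except OSError:
                results[rel] = "refused"
        with open(victim, "rb") as f:
            results["victim"] = f.read()
        with open(os.path.join(root, "site", "page.html"), "rb") as f:
            results["page"] = f.read()
        return results
```

Opening each path component relative to a directory file descriptor keeps the check and the write on the same object, so a link swapped in between a separate check and the write is still refused.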
Recommendations:
For Acronis Backup plugin for cPanel & WHM (Linux) versions before build 818, update to build 818 or later.
For Acronis Backup extension for Plesk (Linux) versions before build 599, update to build 599 or later.
For Acronis Backup plugin for DirectAdmin (Linux) versions before build 181, update to build 181 or later.