PT-2005-1551 · Arkeia · Arkeia Network Backup Client
H D Moore
·
Published
2005-02-21
·
Updated
2024-02-13
·
CVE-2005-0496
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Arkeia Network Backup Client version 5.x
Description
The issue concerns hard-coded credentials in the software, which act as a back door. This back door allows remote attackers to access the file system and possibly execute arbitrary commands.
Recommendations
For Arkeia Network Backup Client version 5.x, consider changing the hard-coded credentials to secure ones and restrict access to the file system until a patch is available. As a temporary workaround, restrict remote access to the client to minimize the risk of exploitation.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arkeia Network Backup Client