PT-2026-44177 · Unknown · Comet Backup

Georgii Shutiaev

·

Published

2026-05-28

·

Updated

2026-05-31

·

CVE-2026-32999

CVSS v3.1

9.0

Critical

VectorAV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Comet Backup versions prior to 26.4.3 Comet Backup versions prior to 26.5.0
Description Insufficient character filtering in the backup agent signing module allows an authenticated tenant administrator with branding permissions to execute arbitrary code on the server and connected devices on behalf of a privileged user. This is achieved by uploading malicious .dll or .so files through the branding configuration and generating a backup-tool client. Successful exploitation can lead to a full takeover of the server instance and unauthorized access to configuration files and backed-up data.
Recommendations Upgrade to version 26.4.3 or later. Upgrade to version 26.5.0 or later.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-32999

Affected Products

Comet Backup