PT-2026-44177 · Unknown · Comet Backup
Georgii Shutiaev
·
Published
2026-05-28
·
Updated
2026-05-31
·
CVE-2026-32999
CVSS v3.1
9.0
Critical
| Vector | AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Comet Backup versions prior to 26.4.3
Comet Backup versions prior to 26.5.0
Description
Insufficient character filtering in the backup agent signing module allows an authenticated tenant administrator with branding permissions to execute arbitrary code on the server and connected devices on behalf of a privileged user. This is achieved by uploading malicious
.dll or .so files through the branding configuration and generating a backup-tool client. Successful exploitation can lead to a full takeover of the server instance and unauthorized access to configuration files and backed-up data.Recommendations
Upgrade to version 26.4.3 or later.
Upgrade to version 26.5.0 or later.
Fix
RCE
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Comet Backup