CVE-2023-45499
CVE-2023-45499
Vexday Risk Score
18Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 7.9%KEV nãoPoC —Nuclei —Metasploit simPatch —
Ciclo de vida
26 oct 2023Exploit Metasploit disponible
27 oct 2023Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded credentials.
Productos afectados
n/a · n/aReferencias
http://packetstormsecurity.com/files/175397/VinChin-VMWare-Backup-7.0-Hardcoded-Credential-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/176289/Vinchin-Backup-And-Recovery-Command-Injection.htmlhttps://blog.leakix.net/2023/10/vinchin-backup-rce-chain/http://seclists.org/fulldisclosure/2023/Oct/31