Unitrends UEB bpserverd Authentication Bypass / Remote Command Execution
Posted by deepcore on October 22, 2017 – 3:50 pm
It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system.
Post a reply
You must be logged in to post a comment.