Kaseya VSA R9.2 Arbitrary File Read
Posted by deepcore on January 16, 2018 – 8:04 am
A security vulnerability was found in Kaseya VSA file download file functionality. Using this vulnerability an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server (including source code of Kaseya, the database backups, configuration files, and even windows files). Version R9.2 was found affected.
Post a reply
You must be logged in to post a comment.