Vinchin Vinchin Backup And Recovery — known CVE vulnerabilities
Every CVE whose affected-product data names Vinchin Vinchin Backup And Recovery, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-45498 — CVSS 9.8 (critical): VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain a command injection vulnerability.
CVE-2022-35866 — CVSS 9.8 (critical): This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561…
CVE-2023-45499 — CVSS 9.8 (critical): VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded credentials.
CVE-2024-25228 — CVSS 8.8 (high): Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution (RCE) via the getVerifydiyResult function…
CVE-2024-22899 — CVSS 8.8 (high): Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime…
CVE-2024-22900 — CVSS 8.8 (high): Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the…
CVE-2024-22903 — CVSS 8.8 (high): Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK…