CVE-2014-3139

Unitrends Enterprise Backup - Authentication Bypass

Title source: rule

Description

recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string.

Exploits (1)

exploitdb WORKING POC

by Brandon Perry · rubyremoteunix

https://www.exploit-db.com/exploits/32885

View Code ZIP pw:eip

References (3)

[Various Sources] https://gist.github.com/brandonprry/10745756

[Exploit] http://seclists.org/fulldisclosure/2014/Apr/204

[Exploit] http://www.exploit-db.com/exploits/32885

Scores

EPSS 0.0428

EPSS Percentile 88.7%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

unitrends/enterprise_backup

Timeline

Published May 02, 2014

Tracked Since Feb 18, 2026