CVE-2017-12477

CRITICAL

Unitrends UEB bpserverd authentication bypass RCE

Title source: metasploit

Description

It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux_x86

https://www.exploit-db.com/exploits/43031

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Jared Arave · pythonremotelinux

https://www.exploit-db.com/exploits/42957

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Jared Arave, Cale Smith, Benny Husted · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/ueb9_bpserverd.rb

View Code ZIP pw:eip

References (2)

[Vendor Advisory] https://support.unitrends.com/UnitrendsBackup/s/article/000005755

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/43031/

Scores

CVSS v3 9.8

EPSS 0.7601

EPSS Percentile 98.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-287

Status published

Products (1)

kaseya/unitrends_backup < 10.0

Published Aug 07, 2017

Tracked Since Feb 18, 2026