Vulnerabilities > Vinchin > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2024-22901 | Unspecified vulnerability in Vinchin Backup and Recovery Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials. | 9.8 |
| 2024-02-02 | CVE-2024-22902 | Unspecified vulnerability in Vinchin Backup and Recovery Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials. | 9.8 |
| 2023-10-27 | CVE-2023-45498 | Command Injection vulnerability in Vinchin Backup and Recovery VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain a command injection vulnerability. | 9.8 |
| 2023-10-27 | CVE-2023-45499 | Use of Hard-coded Credentials vulnerability in Vinchin Backup and Recovery VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded credentials. | 9.8 |
| 2022-08-03 | CVE-2022-35866 | Unspecified vulnerability in Vinchin Backup and Recovery 6.5.0.17561 This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. | 9.8 |