Vulnerabilities > Whitebearsolutions > Wbsairback > 21.02.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-15 | CVE-2024-3781 | OS Command Injection vulnerability in Whitebearsolutions Wbsairback 21.02.04 Command injection vulnerability in the operating system. | 9.1 |
| 2024-04-15 | CVE-2024-3782 | Cross-Site Request Forgery (CSRF) vulnerability in Whitebearsolutions Wbsairback 21.02.04 Cross-Site Request Forgery vulnerability in WBSAirback 21.02.04, which could allow an attacker to create a manipulated HTML form to perform privileged actions once it is executed by a privileged user. | 8.8 |
| 2024-04-15 | CVE-2024-3783 | Path Traversal vulnerability in Whitebearsolutions Wbsairback 21.02.04 The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system. | 6.5 |
| 2024-04-15 | CVE-2024-3784 | Code Injection vulnerability in Whitebearsolutions Wbsairback 21.02.04 Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts). | 6.6 |
| 2024-04-15 | CVE-2024-3785 | Unspecified vulnerability in Whitebearsolutions Wbsairback 21.02.04 Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device NAS shared section (/admin/DeviceNAS). | 6.6 |
| 2024-04-15 | CVE-2024-3786 | Unspecified vulnerability in Whitebearsolutions Wbsairback 21.02.04 Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceReplication). | 6.6 |