[CVE-2020-16171] Acronis Cyber Backup <= v12.5 Build 16341 Full Unauthenticated SSRF

Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Julien Ahrens (RCE Security) on Sep 15

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Acronis Cyber Backup
Vendor URL: https://www.acronis.com
Type: Server-Side Request Forgery [CWE-918]
Date found: 2020-07-30
Date published: 2020-09-14
CVSSv3 Score: 8.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L)
CVE: CVE-2020-16171

2. CREDITS
==========
This vulnerability was discovered and…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source
Available for Amazon Prime