[CVE-2020-16171] Acronis Cyber Backup <= v12.5 Build 16341 Full Unauthenticated SSRF

Follow me on twitter and join the Telegram channel Telegram

Posted by Julien Ahrens (RCE Security) on Sep 15

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Acronis Cyber Backup
Vendor URL: https://www.acronis.com
Type: Server-Side Request Forgery [CWE-918]
Date found: 2020-07-30
Date published: 2020-09-14
CVSSv3 Score: 8.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L)
CVE: CVE-2020-16171

2. CREDITS
==========
This vulnerability was discovered and…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Want to Support the Site, Become a Patron!

Original Source