[CVE-2020-16171] Acronis Cyber Backup <= v12.5 Build 16341 Full Unauthenticated SSRF

Posted by Julien Ahrens (RCE Security) on Sep 15

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Acronis Cyber Backup
Vendor URL: https://www.acronis.com
Type: Server-Side Request Forgery [CWE-918]
Date found: 2020-07-30
Date published: 2020-09-14
CVSSv3 Score: 8.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L)
CVE: CVE-2020-16171

2. CREDITS
==========
This vulnerability was discovered and…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source