CVE-2017-13707

Published: Aug 27, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. The vi program can be accessed through sudo, in order to navigate the filesystem and modify a critical file such as /etc/passwd.

Affected (1)

Products: Axcient: Replibit

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Axcient Replibit	Before 2017.08.04

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://github.com/Wh1t3Rh1n0/exploits/blob/master/2017-08-25%20Replibit%20Backup%20Manager/README.md

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://github.com/Wh1t3Rh1n0/exploits/blob/master/2017-08-25%20Replibit%20Backup%20Manager/README.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

Timeline

No history available yet.