CVE-2017-7282

Published: Apr 20, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Unitrends Enterprise Backup before 9.1.1. The function downloadFile in api/includes/restore.php blindly accepts any filename passed to /api/restore/download as valid. This allows an authenticated attacker to read any file in the filesystem that the web server has access to, aka Local File Inclusion (LFI).

Affected (1)

Products: Unitrends: Enterprise Backup

1 product

Enterprise Backup

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Unitrends Enterprise Backup	Up to 9.1

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-2/

Source: cve@mitre.org

ExploitThird Party Advisory

https://support.unitrends.com/UnitrendsBackup/s/article/ka640000000CcWGAA0/000005558?r=1

Source: cve@mitre.org

Vendor Advisory

https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-2/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://support.unitrends.com/UnitrendsBackup/s/article/ka640000000CcWGAA0/000005558?r=1

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.