Intrusion Prevention

Unitrends.UEB.bpserverd.Remote.Code.Execution

Description

This indicates an attack attempt to exploit a remote Code Execution vulnerability in Unitrends Backup.
The vulnerability is due to lack of authentication validation in the application when handling a crafted request. It may allow remote attackers to execute arbitrary code on vulnerable systems via a crafted request.

Affected Products

Unitrends Backup version 9.1 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply latest upgrade from the Vendor.
https://support.unitrends.com/UnitrendsBackup/s/article/ka640000000CcZeAAK/000005755

CVE References

CVE-2017-12477

Other References

5755