CVE-2022-26500
- Reference to the description:
- Description:
- Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.
- Last updated date:
- 02/02/2023
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 12/13/2022
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog