exploitDog

GHSA-pf2v-q93p-8954

Опубликовано: 01 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 8.5

CVSS3: 7.8

Описание

Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that would execute with elevated LocalSystem privileges.

Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that would execute with elevated LocalSystem privileges.

Ссылки

EPSS

Процентиль: 1%

0.00012

Низкий

8.5 High

CVSS4

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428

Связанные уязвимости

CVE-2020-37045

CVSS3: 7.8

nvd

6 дней назад

Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that would execute with elevated LocalSystem privileges.

EPSS

Процентиль: 1%

0.00012

Низкий

8.5 High

CVSS4

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428