APT – Telegram

Veeam Backup and Replication (CVE-2023-27532)

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.

Research:
https://www.horizon3.ai/veeam-backup-and-replication-cve-2023-27532-deep-dive/

Exploit 1:
https://github.com/sfewer-r7/CVE-2023-27532

Exploit 2:
https://github.com/horizon3ai/CVE-2023-27532

Exploit 3 (RCE):
https://github.com/puckiestyle/CVE-2023-27532-RCE-Only

#veeam #credentials #rce #cve

🔥7👍2👎2

4.05K viewsedited 15:12

🖥 Veeam Enterprise Manager Authentication Bypass

May 21st, Veeam published an advisory stating that all the versions BEFORE Veeam Backup Enterprise Manager 12.1.2.172 is affected by an authentication bypass allowing an unauthenticated attacker to bypass the authentication and log in to the Veeam Backup Enterprise Manager web interface as any user the CVSS for this vulnerability is 9.8.

🔗 Source:
https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/

🔗 PoC:
https://github.com/sinsinology/CVE-2024-29849

#veeam #authentication #bypass #cve

Please open Telegram to view this post

🔥7👍2

22.5K viewsedited 09:39

🖥

Veeam Backup & Response — RCE (CVE-2024-40711)

A critical deserialization vulnerability in .NET Remoting has been discovered in Veeam Backup & Replication, allowing unauthenticated remote code execution (RCE). The flaw affects versions 12.1.2.172 and earlier.

🔗 Research:
https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/

🔗 Source:
https://github.com/watchtowrlabs/CVE-2024-40711

#veeam #backup #deserialization #unauth #rce

Please open Telegram to view this post

👍5🔥5😁1

30.9K views08:11