VYPR
Unrated severityNVD Advisory· Published Feb 3, 2026· Updated Mar 5, 2026

webERP 4.15.1 - Unauthenticated Backup File Access

CVE-2020-37082

Description

webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backup_[timestamp].sql.gz file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.