High severity8.8NVD Advisory· Published Feb 2, 2024· Updated Jul 5, 2026
CVE-2024-22899
CVE-2024-22899
Description
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Vinchin/Backup & Recoverydescription
- Range: 7.2
Patches
Vulnerability mechanics
References
5- blog.leakix.net/2024/01/vinchin-backup-rce-chain/nvdExploitThird Party Advisory
- seclists.org/fulldisclosure/2024/Jan/29nvdMailing ListThird Party Advisory
- vinchin.comnvdProduct
- packetstormsecurity.com/files/176793/Vinchin-Backup-And-Recovery-7.2-syncNtpTime-Command-Injection.htmlnvd
- seclists.org/fulldisclosure/2024/Jan/29nvd
News mentions
0No linked articles in our index yet.