High severity8.8NVD Advisory· Published Feb 2, 2024· Updated Jul 5, 2026
CVE-2024-22903
CVE-2024-22903
Description
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Vinchin/Backup & Recoverydescription
- Range: 7.2
Patches
Vulnerability mechanics
References
5- blog.leakix.net/2024/01/vinchin-backup-rce-chain/nvdExploitThird Party Advisory
- seclists.org/fulldisclosure/2024/Jan/32nvdMailing ListThird Party Advisory
- vinchin.comnvdProduct
- packetstormsecurity.com/files/176796/Vinchin-Backup-And-Recovery-7.2-SystemHandler.class.php-Command-Injection.htmlnvd
- seclists.org/fulldisclosure/2024/Jan/32nvd
News mentions
0No linked articles in our index yet.