Backup Key Recovery
by Nsauditor
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-22902 | Cri | 0.64 | 9.8 | 0.01 | Feb 2, 2024 | Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials. | ||
| CVE-2020-37194 | Hig | 0.49 | 7.5 | 0.00 | Feb 11, 2026 | Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by supplying an overly long registration key. Attackers can generate a 1000-character payload file and paste it into the registration key field to trigger an… | ||
| CVE-2020-37185 | Hig | 0.49 | 7.5 | 0.00 | Feb 11, 2026 | Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application… | ||
| CVE-2021-47813 | Hig | 0.49 | 7.5 | 0.00 | Jan 16, 2026 | Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a large buffer of 256 repeated characters into the registration key field to trigger… | ||
| CVE-2019-25599 | Med | 0.40 | 6.2 | 0.00 | Mar 22, 2026 | Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 or more characters into the Name field during registration to… |
- risk 0.64cvss 9.8epss 0.01
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
- risk 0.49cvss 7.5epss 0.00
Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by supplying an overly long registration key. Attackers can generate a 1000-character payload file and paste it into the registration key field to trigger an…
- risk 0.49cvss 7.5epss 0.00
Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application…
- risk 0.49cvss 7.5epss 0.00
Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a large buffer of 256 repeated characters into the registration key field to trigger…
- risk 0.40cvss 6.2epss 0.00
Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 or more characters into the Name field during registration to…