Read Time:22 Second
Posted by Balgogan via Fulldisclosure on Jan 26
CVE ID: CVE-2024-22900
Title: Command Injection Vulnerability in Vinchin Backup and Recovery Versions 7.2 and Earlier
Description:
A critical security vulnerability, identified as CVE-2024-22900, has been discovered in Vinchin Backup and Recovery
software, affecting versions 7.2 and earlier. The vulnerability is present in the `setNetworkCardInfo` function, which
is intended to update network card information.
Details:
1. The function…