Filtered by vendor Cobiansoft
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-50923 | 1 Cobiansoft | 1 Cobian Backup | 2026-03-02 | N/A | 7.8 HIGH |
| Cobian Backup 0.9 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CobianReflectorService to inject malicious code that will execute with LocalSystem permissions during service startup. | |||||
| CVE-2022-50687 | 1 Cobiansoft | 1 Backup 11 | 2026-01-05 | N/A | 5.5 MEDIUM |
| Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash. | |||||
| CVE-2022-50689 | 1 Cobiansoft | 1 Reflector | 2025-12-31 | N/A | 6.2 MEDIUM |
| Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration. | |||||
| CVE-2017-11318 | 1 Cobiansoft | 1 Cobian Backup | 2025-04-20 | 6.8 MEDIUM | 8.1 HIGH |
| Cobian Backup 11 client allows man-in-the-middle attackers to add and execute new backup tasks when the master server is spoofed. In addition, the attacker can execute system commands remotely by abusing pre-backup events. | |||||