CVE-2018-6329 : Exploit Details and Defense Strategies

Unitrends Backup (UB) prior to version 10.1.0 is vulnerable to a bypass in the authentication process via a SQL injection attack, potentially leading to arbitrary command execution and privilege escalation.

Understanding CVE-2018-6329

Researchers have identified a vulnerability in Unitrends Backup (UB) prior to version 10.1.0 that allows malicious actors to execute arbitrary commands on the target system.

What is CVE-2018-6329?

The vulnerability involves the authentication process in the libbpext.so component, which can be bypassed through a SQL injection attack.

The Impact of CVE-2018-6329

Exploiting this flaw enables a malicious actor to execute arbitrary commands on the target system, potentially leading to privilege escalation.

Technical Details of CVE-2018-6329

Unitrends Backup (UB) before version 10.1.0 is susceptible to the following:

Vulnerability Description

The vulnerability allows for the bypass of the authentication process in the libbpext.so component through a SQL injection attack.

Affected Systems and Versions

Product: Unitrends Backup (UB)
Versions affected: Prior to version 10.1.0

Exploitation Mechanism

Attackers can exploit the vulnerability by performing a SQL injection attack to bypass the authentication process.

Mitigation and Prevention

It is crucial to take immediate steps to address and prevent the exploitation of CVE-2018-6329:

Immediate Steps to Take

Update Unitrends Backup to version 10.1.0 or later to mitigate the vulnerability.
Monitor for any unauthorized access or suspicious activities on the system.

Long-Term Security Practices

Regularly update and patch software to ensure the latest security fixes are in place.
Implement strong authentication mechanisms and access controls to prevent unauthorized access.

Patching and Updates

Apply security patches and updates provided by Unitrends Backup to address the vulnerability and enhance system security.