CVE-2024-22903 Information

Description

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.

Reference

http://vinchin.com https://seclists.org/fulldisclosure/2024/Jan/32 https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/