THREATOPS
THREAT OPSCVEs › CVE-2022-26500

CVE-2022-26500 — Veeam Backup & Replication Remote Code Execution Vulnerability

CISA KEVExploited: confirmedVeeam

The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.

Vulnerability details