216.73.216.133

CVE-2025-43595

· Published 01/05/2025 22:15 · Modified 01/05/2025 22:15

Labels: CVE-2025-43595 2025-05-019119a7d8-5eab-497f-8521-727c672e3725CVE-2025-43595CWE-276

Essential information

Published
01/05/2025 22:15
Modified
01/05/2025 22:15
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a lower privileged user to execute commands with root level privileges in the 'Online Backup' folder. Users are recommended to upgrade to MSP360 Backup 4.4 (released on 2025-04-22).

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
9119a7d8-5eab-497f-8521-727c672e3725
NVD
View on NVD

Affected products (CPE)

ProductCPE
msps360 / msps360 backup cpe:2.3:a:msps360:msps360_backup:4.3.1.115:*:*:*:*:*:*:*
msps360 / msps360 backup cpe:2.3:a:msps360:msps360_backup:4.4:*:*:*:*:*:*:*

References