Primary

Context

Nimesa Backup and Recovery OS Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in Nimesa Backup and Recovery versions 2.3 and 2.4. This vulnerability allows the execution of arbitrary operating system commands on the server where the application is running.

Impact

Exploitation of this vulnerability could lead to the execution of arbitrary OS commands on the affected server.

Remediation

Users are advised to update Nimesa Backup and Recovery to the latest version. The latest version can be found on the AWS Marketplace.

Added: Jul 7, 2025, 5:22 AM

Updated: Jul 7, 2025, 5:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nimesa Backup and Recovery OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating