CVE-2017-7280

An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt