It was discovered that an issue in the Unitrends session logic allowed the LOGDIR environment variable to be used during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute arbitrary commands with root privileges.
Privileges Required: Low
Resolution: Upgrade to Unitrends release 10.0.0-2 or later, or apply the Unitrends security update to a prior release
Unitrends reference: UNIBP-13942
Discoverer(s)/Credits: Benny Husted, Cale Smith, Jared Arave