← back
CVE-2015-7709

CVE-2015-7709

EPSS 79.0%
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted requests involving the ARKFS_EXEC_CMD operation.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/132660/Western-Digital-Arkeia-11.0.13-Remote-Code-Execution.htmlunverifiedcve_referencewww.exploit-db.com/exploits/37600/unverifiedexploitdbwww.exploit-db.com/exploits/37600unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://packetstormsecurity.com/files/132660/Western-Digital-Arkeia-11.0.13-Remote-Code-Execution.htmlhttps://www.exploit-db.com/exploits/37600/http://www.rapid7.com/db/modules/exploit/multi/misc/arkeia_agent_exec