Home / exploitsPDF  

Kaseya VSA R9.2 Arbitrary File Read

Posted on 15 January 2018

A security vulnerability was found in Kaseya VSA file download file functionality. Using this vulnerability an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server (including source code of Kaseya, the database backups, configuration files, and even windows files). Version R9.2 was found affected.

 

TOP