edit-icon download-icon

[Vulnerability notice] Arbitrary logon vulnerability in EmpireBak

Last Updated: Nov 08, 2017

Description

EmpireBak is an open source and free database backup software, mainly used for MySQL data backup and import. However, the logon interface of this software has a design flaw.

Users can log on to the background without an account and password, making it vulnerable to external hacker invasions.

Fix

Currently, in the latest version (v5.1) provided by the EmpireBak official website, this vulnerability still exists. We recommend that you stop using the product until an official update fixes the vulnerability.

Thank you! We've received your feedback.