Critical Pre-Auth Vulnerabilities in Commvault Let Hackers Achieve RCE Without Logging In

Monday, 5 January

Friday, 22 August, 2025

Critical Pre-Auth Vulnerabilities in Commvault Let Hackers Achieve RCE Without Logging In

Security researchers have uncovered four serious pre-authentication exploit chains in Commvault versions earlier than 11.36.60 that enable remote code execution (RCE) without requiring credentials. These flaws include CVE-2025-57788—a login mechanism bypass—and CVE-2025-57789, which exploits default credentials during initial setup to grant admin privileges. Commvault has issued updates to fix these critical issues.

Read full story at The Hacker News

Tags:hackers security code execution

Download the TechShots App

IT Trends Move Fast. Stay Faster.

Android iOS

Categories

Critical Pre-Auth Vulnerabilities in Commvault Let Hackers Achieve RCE Without Logging In

Also Read

Taiwan Hit by Record 2.6 Million Daily Chinese Cyberattacks

India Suffers Massive ₹2,500 Crore Loss to Cybercrime Over Last Six Years

Kaspersky Reports Alarmic Surge in QR Code Phishing Attacks

SEBI Launches AI-Powered Tool to Strengthen Cybersecurity Across Financial Entities

SEBI Developing Advanced AI Tool to Strengthen Cybersecurity

Arattai Rolls Out Video Calling Support for Android TVs to Boost Home Connectivity

AI-Generated Images Spark Legal and Ethical Challenges for Global Enterprises

Cognizant Hit With U.S. Lawsuits Following Major TriZetto Healthcare Data Breach

GCCs to Pivot from Mass Hiring to Specialized AI and Cybersecurity Skills

Download the TechShots App

Subscribe To Our Newsletter.