## https://sploitus.com/exploit?id=SAINT:07D1CC0FE2BB4BDB3966D4CE342C594F
Added: 05/16/2025
### Background
Commvault is a unified backup and recovery solution for cloud-ready organizations. It gives complete backup and recovery protection for your business to cover all data wherever it resides.
### Problem
A path traversal vulnerability allows unauthenticated users to upload arbitrary files, which can then be executed using an HTTP GET request.
### Resolution
Upgrade to Commvault version 11.38.20 or higher, or apply the update referenced in CV_2025_04_1.
### References
https://documentation.commvault.com/securityadvisories/CV_2025_04_1.html
https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028/
### Limitations
If successful, this exploit uploads a file to a randomly named directory under the /reports/MetricsUpload directory, which should be manually removed afterwards.