top of page
perceptive_background_267k.jpg

NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquote…

Published:

4 February 2026 at 23:00:00

Alert date:

5 February 2026 at 01:04:29

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems, Enterprise Applications

CVE-2019-25271 affects NETGATE Data Backup version 3.0.620, containing an unquoted service path vulnerability in the NGDatBckpSrv Windows service. The vulnerability allows attackers to exploit the unquoted path configuration to inject and execute malicious code with LocalSystem privileges. Exploitation occurs by placing executable files in specific directory locations that take advantage of the improper path configuration. This represents a privilege escalation vulnerability that could allow attackers to gain system-level access on affected Windows systems running the vulnerable backup software.

Technical details

Mitigation steps:

Affected products:

NETGATE Data Backup

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2019-25271
http://www.netgate.sk/
https://www.exploit-db.com/exploits/47746
https://www.vulncheck.com/advisories/netgate-data-backup-ngdatbckpsrv-unquoted-service-path

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page