Introduction CVE-2025-30007 – Unauthenticated XSS in serverbackupprogress.sgp CVE-2025-30008 – Unauthenticated XSS in restoreprogress.sgp Reflected XSS in getloginstate (No CVE) Password Reset via ResellerSetPassword (Unexploited Logic) Username Enumeration via CheckUserExists Suspicious Behavior in SignupCustomer Timeline Final Thoughts Introduction Vembu BDRSuite is an all-in-one backup and disaster recovery solution designed to protect virtual, physical, cloud, and SaaS workloads. It t...
