In 2021 I discovered several high and critical vulnerabilities in the Kaseya Unitrends backup appliance. This research was conducted and published as part of my day job. Part one details a chain of vulnerabilities by leveraging an insecure PostgreSQL database to ultimately gain shell access to the remote server. Visit https://www.cyberonesecurity.com/blog/exploiting-kaseya-unitrends-backup-appliance-part-1 for the the full write-up. Stay tuned for part two.