In 2021 I discovered several high and critical vulnerabilities in the Kaseya Unitrends backup appliance. This research was conducted and published as part of my day job. Part one details a chain of vulnerabilities by leveraging an insecure PostgreSQL database to ultimately gain shell access to the remote server. Visit for the the full write-up. Stay tuned for part two.