Vulnerability Details CVE-2018-11176
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 34 of 46).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.089
EPSS Ranking 92.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html
- http://seclists.org/fulldisclosure/2018/May/71
- https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities
- http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html
- http://seclists.org/fulldisclosure/2018/May/71
- https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities
Products affected by CVE-2018-11176
-
cpe:2.3:a:quest:disk_backup:4.0
-
cpe:2.3:a:quest:disk_backup:4.0.0.1
-
cpe:2.3:a:quest:disk_backup:4.0.0.3
-
cpe:2.3:a:quest:disk_backup:4.0.3