The MaxDB server handles the **exec_sdbinfo** command by invoking the **cons.exe** program through a **system** call without sufficiently checking the arguments for invalid characters. This allows a remote, unauthenticated attacker to inject arbitrary commands by putting special sequences such as **&&** in the arguments.
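To make the root cause concrete, here is an added example that is not MaxDB's own code and does not reproduce **cons.exe** or the **exec_sdbinfo** handler. It contrasts the unsafe pattern the advisory describes (a caller-controlled argument concatenated into a shell command line that is then passed to **system**) with a hardened launcher that allowlists the argument's characters and runs the helper through `execvp` with an argv vector, so no shell ever parses the input. The helper name `cons`, the sample argument `db1`, and the use of POSIX `fork`/`execvp` are assumptions of the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Unsafe pattern (illustration only): the argument is interpolated into a
 * single string that a shell will later parse. Any shell metacharacter in
 * 'arg' changes what the shell runs, which is the defect the advisory
 * describes. Returns 0 on success, -1 if the buffer is too small. */
int build_unsafe_command(char *buf, size_t buflen, const char *tool, const char *arg) {
    int n = snprintf(buf, buflen, "%s %s", tool, arg);
    return (n < 0 || (size_t)n >= buflen) ? -1 : 0;
}

/* Allowlist check: accept only characters a legitimate helper argument
 * needs (letters, digits, '_', '-', '.'). Everything else, including
 * whitespace, '&', '|', ';', quotes and redirections, is rejected. */
int argument_is_safe(const char *arg) {
    if (arg == NULL || *arg == '\0') return 0;
    for (const char *p = arg; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (!(isalnum(c) || c == '_' || c == '-' || c == '.')) return 0;
    }
    return 1;
}

/* Hardened launcher: validate first, then exec the helper directly with an
 * argv vector. No shell is involved, so a sequence like "&&" would be passed
 * to the helper as plain bytes rather than interpreted as a command separator.
 * Returns the helper's exit status, or -1 if the argument was rejected or
 * the process could not be started. */
int run_helper_safely(const char *tool, const char *arg) {
    if (!argument_is_safe(arg)) return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)tool, (char *)arg, NULL };
        execvp(tool, argv);
        _exit(127); /* only reached if exec failed */
    }

    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    char cmd[256];
    /* Constructed sample: a benign argument and one carrying a metacharacter. */
    const char *good = "db1";
    const char *bad  = "db1 && echo injected";

    build_unsafe_command(cmd, sizeof cmd, "cons", bad);
    printf("unsafe command line a shell would see: \"%s\"\n", cmd);
    printf("allowlist verdict for \"%s\": %d\n", good, argument_is_safe(good));
    printf("allowlist verdict for \"%s\": %d\n", bad, argument_is_safe(bad));
    printf("hardened launch with rejected argument: %d\n", run_helper_safely("true", bad));
    printf("hardened launch with accepted argument: %d\n", run_helper_safely("true", good));
    return 0;
}
```

The important design choice is that validation is an allowlist rather than a blocklist of known-bad sequences: a blocklist that strips `&&` still leaves `;`, `|`, backticks and redirections, whereas an allowlist only admits the characters the helper legitimately needs. Passing an argv vector to `execvp` removes the shell from the path entirely, so even an argument that slipped through validation could not start a second command.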
Upgrade to a version of MaxDB higher than 7.6.00.37 when available.
Exploit works on MaxDB 18.104.22.168.