2 matches found
CVE-2018-11176
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection issue 34 of 46...
CVE-2018-11176
Quest DR Series Disk Backup Software vulnerable to command injection via DREncryption::set_passphrase (CVE-2018-11176). Proof-of-concept shows attacker can inject commands through the passphrase parameter, enabling arbitrary code execution with the appliance’s privileges. The CoreLabs advisory CO...