Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15867)
The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "user delete" method in Quest DR Series Disk Backup Software versions prior to 4.0.3.1. The vulnerability can be exploited to execute system commands via the 'user' parameter...