Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15620)
The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the customer portal changeManageBtn method in Quest DR Series disk backup software before 4.0.3.1. An attacker can exploit this vulnerability to execute commands via the 'action' paramet...