Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15874)
The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "License Delete" method of Quest DR Series disk backup software prior to version 4.0.3.1. The vulnerability can be exploited to execute commands via a specially crafted 'serviceTag'...