2 matches found
CVE-2017-17654
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup ClientList method requests. The issue resul...
CVE-2017-17654
CVE-2017-17654 affects Quest NetVault Backup 11.3.0.12. The flaw is an SQL injection in the NVBUBackup ClientList method where unsanitized user input is used to build SQL queries, enabling remote code execution in the database context without authentication. Documented by ZDI-4287 and mirrored in...