52 matches found
CVE-2018-11182
CVE-2018-11182 affects Quest DR Series Disk Backup Software (before 4.0.3.1). Core Security CORE-2018-0002 documents multiple command-injection vulnerabilities in the DR Series appliances via the JSON-RPC web interface, allowing remote command execution and, in some vectors, privilege escalation....
CVE-2018-11160
CVE-2018-11160 affects Quest DR Series Disk Backup Software prior to 4.0.3.1. CoreLabs CORE-2018-0002 describes multiple command-injection vulnerabilities in the DR appliance web/API interfaces, notably in the DRStorageGroup creation path, where inputs such as the group name can be used to constr...