E18-0jvu2
CVSS:
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
t
Variants:
1
Year:
2018
Description
A stack buffer overflow has been identified in Quest NetVault Backup appliance.
The vulnerability is caused by the lack of proper input sanitisation in the context of multipart HTTP requests processing.
The vulnerability can be exploited by accessing the Web Interface of the NetVault server via a specially-crafted HTTP POST request, allowing the attacker arbitrary code execution with SYSTEM privileges.
CVE
References
Metasploit
http://www.zerodayinitiative.com/advisories/ZDI-18-004
Zdi
18-004