Intrusion PreventionQuest.DR.Series.Disk.Backup.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection Vulnerability in Quest DR Series Disk Backup.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary commands within the context of the application, via a crafted HTTP request.
Affected Products
Quest DR Series Disk Backup software version before 4.0.3.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.quest.com/
Build 4.0.3.1 release notes:
https://support.quest.com/technical-documents/dr-series-software/4.0.3.1/release-notes/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 47169 |
| Created | Dec 27, 2018 |
| Updated | May 04, 2022 |
| Risk |
|
| CVE ID | CVE-2018-11188 CVE-2018-11187 CVE-2018-11186 CVE-2018-11185 CVE-2018-11184 CVE-2018-11183 CVE-2018-11182 CVE-2018-11181 CVE-2018-11180 CVE-2018-11179 CVE-2018-11178 CVE-2018-11177 CVE-2018-11176 CVE-2018-11175 CVE-2018-11174 CVE-2018-11173 CVE-2018-11172 CVE-2018-11171 CVE-2018-11170 CVE-2018-11169 CVE-2018-11168 CVE-2018-11167 CVE-2018-11166 CVE-2018-11165 CVE-2018-11164 CVE-2018-11163 CVE-2018-11162 CVE-2018-11161 CVE-2018-11160 CVE-2018-11159 CVE-2018-11158 CVE-2018-11157 CVE-2018-11156 CVE-2018-11155 CVE-2018-11154 CVE-2018-11153 CVE-2018-11152 CVE-2018-11151 CVE-2018-11150 CVE-2018-11149 CVE-2018-11148 CVE-2018-11147 CVE-2018-11146 CVE-2018-11145 CVE-2018-11144 CVE-2018-11143 |
| Exploit Prediction Score | 0.33% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |