cbcvebase.
CVE-2018-18652
published 2018-10-25

CVE-2018-18652: A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root…

PriorityP349high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
EPSS
4.07%
89.4th percentile
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.

Affected

1 ranges
VendorProductVersion rangeFixed in
veritasnetbackup_appliance< 3.1.23.1.2

CVSS provenance

nvdv3.07.2HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.