Quest Netvault Backup vulnerabilities
35 known vulnerabilities affecting quest/netvault_backup.
Total CVEs
35
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL24HIGH11
Vulnerabilities
Page 2 of 2
CVE-2017-17653P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17653 [CRITICAL] CWE-89 CVE-2017-17653: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupOptionSet Get method requests. The issue results from the lack of proper validation of a user-supp
nvd
CVE-2017-17415P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17415 [CRITICAL] CWE-89 CVE-2017-17415: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Count method requests. The issue results from the lack of proper validation of a user-suppli
nvd
CVE-2017-17414P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17414 [CRITICAL] CWE-89 CVE-2017-17414: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Get method requests. The issue results from the lack of proper validation of a user-supplied
nvd
CVE-2017-17423P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17423 [CRITICAL] CWE-89 CVE-2017-17423: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupSegment Get method requests. The issue results from the lack of proper validation of a user-suppli
nvd
CVE-2017-17652P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17652 [CRITICAL] CWE-89 CVE-2017-17652: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup Count method requests. The issue results from the lack of proper validation of a user-supplied st
nvd
CVE-2017-17424P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17424 [CRITICAL] CWE-89 CVE-2017-17424: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUScheduleSet Get method requests. The issue results from the lack of proper validation of a user-supplied
nvd
CVE-2017-17656P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17656 [CRITICAL] CWE-89 CVE-2017-17656: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup JobList method requests. The issue results from the lack of proper validation of a user-supplied
nvd
CVE-2017-17412P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17412 [CRITICAL] CWE-89 CVE-2017-17412: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of GET method requests. The issue results from the lack of proper validation of a user-supplied string before u
nvd
CVE-2017-17422P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17422 [CRITICAL] CWE-89 CVE-2017-17422: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup Get method requests. The issue results from the lack of proper validation of a user-supplied stri
nvd
CVE-2017-17416P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17416 [CRITICAL] CWE-89 CVE-2017-17416: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus GetPlugins method requests. The issue results from the lack of proper validation of a user-s
nvd
CVE-2017-17658P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17658 [CRITICAL] CWE-89 CVE-2017-17658: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobDefinitions Get method requests. The issue results from the lack of proper validation of a user-suppl
nvd
CVE-2017-17655P2CRITICALCVSS 9.8v11.3.0.122018-02-08
CVE-2017-17655 [CRITICAL] CWE-89 CVE-2017-17655: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup PluginList method requests. The issue results from the lack of proper validation of a user-suppli
nvd
CVE-2026-7569P3HIGHCVSS 8.8fixed in 14.0.2v14.0.1.72026-06-25
CVE-2026-7569 [HIGH] CWE-79 CVE-2026-7569: Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vuln
Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2026-9780P3HIGHCVSS 8.8v14.0.1.72026-06-25
CVE-2026-9780 [HIGH] CWE-79 CVE-2026-9780: Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vuln
Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2018-1162P3HIGHCVSS 8.1v11.2.0.132018-02-08
CVE-2018-1162 [HIGH] CWE-22 CVE-2018-1162: This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable ins
This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue resul
nvd
← Previous2 / 2