CVE-2018-11138

Quest KACE System Management Appliance Remote Command Execution Vulnerability

Beschreibung

The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.

Schweregrad: CRITICAL

CVSS-Score: 9.8

Hersteller: Quest

Produkt: KACE System Management Appliance