Quest NetVault Backup Server Process Manager Service NVBUJobCountHistory Get Method SQL Injection Remote Code Execution Vulnerability

Advisory ID: ZDI-17-985, ZDI-CAN-4231
CVE ID: CVE-2017-17420
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Affected Vendors: Quest
Affected Products: NetVault Backup
Trend Micro Customer Protection: Protected by Digital Vaccine protection filter ID 28751.

Vulnerability Details:

Description: Remote attackers can execute arbitrary code on vulnerable installations of Quest NetVault Backup due to a lack of proper validation of a user-supplied string before using it to construct SQL queries.
Exploit Conditions: Authentication is not required to exploit this vulnerability.
Specific Issue: The flaw exists within the handling of NVBUJobCountHistory Get method requests.

Additional Details:

Fix: Addressed in NVBU 11.4.5
Disclosure Timeline:
2017-12-06: Vulnerability reported to vendor
2017-12-15: Coordinated public release of advisory
Credit: rgod