CVE-2018-11138

CVSS 9.8 CRITICAL · EPSS 91.9% · KEV · CWE-78
In short

An unprotected script in Quest KACE allows anyone on the internet to run any command they want on the server. This is extremely dangerous because attackers can take complete control of the system without a password.

Technical detail

CWE-78 (OS Command Injection) via unauthenticated access to '/common/download_agent_installer.php' in KACE 8.0.318. The script neither validates user input nor enforces authorization checks, allowing remote attackers to inject arbitrary OS commands with system privileges. Impact includes complete system compromise.

Summary generated and translated by AI from the official description.
The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a