Skip to main content

Netvault Backup

15 CVEs product

Monthly

CVE-2026-9787 HIGH This Week

Remote code execution in Quest NetVault Backup allows authenticated remote attackers - who can bypass the product's existing authentication mechanism - to run arbitrary OS commands as SYSTEM via the NVBULogDaemon JSON-RPC interface. The flaw stems from unsanitized user-supplied input being passed into a system call (CWE-78), and the credentialed authentication barrier is undermined by an acknowledged bypass, effectively widening exposure. No public exploit has been identified at time of analysis, but the issue was disclosed by Trend Micro ZDI (ZDI-26-376) and carries a CVSS of 8.8.

Command Injection RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2026-9786 HIGH This Week

Remote code execution in Quest NetVault Backup arises through SQL injection in the NVBUDashboard component's JSON-RPC message handler, letting attackers run arbitrary code in the NETWORK SERVICE context. While the flaw nominally requires authentication, ZDI reports the product's authentication mechanism can be bypassed, materially lowering the access bar. No public exploit is identified at time of analysis and the issue is not listed in CISA KEV, but its CVSS 3.0 base score of 8.8 and full-impact (C:H/I:H/A:H) profile mark it as high priority for any exposed deployment.

SQLi RCE Netvault Backup
NVD VulDB
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-9785 HIGH This Week

Remote code execution in Quest NetVault Backup arises from a SQL injection flaw in the handling of NVBULibrarySlot JSON-RPC messages, where a user-supplied string is concatenated into a SQL query without validation. Although the JSON-RPC interface nominally requires authentication, ZDI notes the existing authentication mechanism can be bypassed, so a remote attacker can reach the vulnerable code path and execute arbitrary code in the context of the NETWORK SERVICE account. No public exploit has been identified at time of analysis and the issue is not listed in CISA KEV; EPSS data was not provided.

SQLi RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-9784 HIGH This Week

SQL injection in Quest NetVault Backup's NVBULibraryPort JSON-RPC handler allows remote attackers to execute arbitrary code as NETWORK SERVICE on affected installations. While exploitation nominally requires authentication (CVSS PR:L), the ZDI advisory states the existing authentication mechanism can be bypassed, effectively lowering the barrier to remote attackers. There is no public exploit identified at time of analysis and no CISA KEV listing, but the issue was coordinated through Trend Micro's Zero Day Initiative (ZDI-CAN-27631 / ZDI-26-373) and carries a CVSS 3.0 base score of 8.8.

SQLi RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-9783 HIGH This Week

SQL injection leading to remote code execution affects Quest NetVault Backup, where the NVBURemovableMedia component fails to validate a user-supplied string before constructing SQL queries. Although authentication is nominally required, ZDI notes the existing authentication mechanism can be bypassed, effectively lowering the barrier to network-based attackers who can then execute code in the context of the NETWORK SERVICE account. No public exploit identified at time of analysis; the issue was reported privately by Trend Micro's Zero Day Initiative (ZDI-CAN-27632 / ZDI-26-372).

SQLi RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-9782 HIGH This Week

Remote code execution in Quest NetVault Backup arises from SQL injection in the NVBUDeviceDrive JSON-RPC message handler, where a user-supplied string is concatenated into a SQL query without validation (CWE-89). Although the product requires authentication, the existing authentication mechanism can be bypassed, so remote attackers can reach the flaw and execute arbitrary code in the context of the NETWORK SERVICE account. Discovered and reported through Trend Micro's Zero Day Initiative (ZDI-26-371, formerly ZDI-CAN-27633); no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

SQLi RCE Netvault Backup
NVD VulDB
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-9781 HIGH This Week

Remote code execution in Quest NetVault Backup arises from SQL injection in the NVBURASDevice JSON-RPC message handler, where attacker-controlled input is concatenated into SQL queries. Although authentication is nominally required, ZDI notes the existing authentication mechanism can be bypassed, so attackers can reach the vulnerable endpoint and execute code in the NETWORK SERVICE context. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; it was reported privately via Trend Micro's Zero Day Initiative (ZDI-26-370 / ZDI-CAN-27648).

SQLi RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-9780 HIGH This Week

Authentication bypass via cross-site scripting in Quest NetVault Backup's addclient3 webpage allows remote attackers to inject arbitrary script that executes in a victim's authenticated session, bypassing access controls. Disclosed through Trend Micro's Zero Day Initiative (ZDI-26-369, formerly ZDI-CAN-27666), the flaw requires user interaction - the target must visit a malicious page or open a malicious file - and can be chained with other weaknesses to achieve code execution in the SYSTEM context. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, though the high CVSS of 8.8 reflects the serious downstream RCE potential.

Authentication Bypass XSS RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-7570 HIGH This Week

SQL injection leading to remote code execution in Quest NetVault Backup allows attackers to run arbitrary code as the NETWORK SERVICE account by sending crafted JSON-RPC messages to the NVBUDashboard component. While the JSON-RPC interface nominally requires authentication, ZDI reports the existing authentication mechanism can be bypassed, effectively lowering the access barrier. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but it was responsibly disclosed through Trend Micro's Zero Day Initiative (ZDI-26-368, formerly ZDI-CAN-27809).

SQLi RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2026-7569 HIGH This Week

Authentication bypass via cross-site scripting in the Quest NetVault Backup viewclient web interface lets remote attackers inject arbitrary script that, when a victim visits a malicious page or opens a malicious file, runs in the application context and circumvents authentication. Disclosed through Trend Micro's Zero Day Initiative (ZDI-26-377, ZDI-CAN-28202), the flaw can be chained with additional vulnerabilities to achieve code execution as SYSTEM. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CVSS 8.8 rating reflects the high impact of the auth-bypass-plus-RCE chain.

Authentication Bypass XSS RCE Netvault Backup
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-1163 CRITICAL Act Now

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Netvault Backup
NVD
CVSS 3.0
9.8
EPSS
16.3%
CVE-2018-1162 HIGH This Week

This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Netvault Backup
NVD
CVSS 3.0
8.1
EPSS
5.0%
CVE-2018-1161 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Netvault Backup
NVD
CVSS 3.0
9.8
EPSS
67.2%
CVE-2015-5696 MEDIUM POC THREAT This Month

Dell Netvault Backup before 10.0.5 allows remote attackers to cause a denial of service (crash) via a crafted request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 16.2%.

Denial Of Service Dell Netvault Backup
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
16.2%
CVE-2015-4067 CRITICAL Act Now

Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.8% and no vendor patch available.

RCE Buffer Overflow Dell Netvault Backup
NVD
CVSS 2.0
10.0
EPSS
10.8%
EPSS 1% CVSS 8.8
HIGH This Week

Remote code execution in Quest NetVault Backup allows authenticated remote attackers - who can bypass the product's existing authentication mechanism - to run arbitrary OS commands as SYSTEM via the NVBULogDaemon JSON-RPC interface. The flaw stems from unsanitized user-supplied input being passed into a system call (CWE-78), and the credentialed authentication barrier is undermined by an acknowledged bypass, effectively widening exposure. No public exploit has been identified at time of analysis, but the issue was disclosed by Trend Micro ZDI (ZDI-26-376) and carries a CVSS of 8.8.

Command Injection RCE Netvault Backup
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Remote code execution in Quest NetVault Backup arises through SQL injection in the NVBUDashboard component's JSON-RPC message handler, letting attackers run arbitrary code in the NETWORK SERVICE context. While the flaw nominally requires authentication, ZDI reports the product's authentication mechanism can be bypassed, materially lowering the access bar. No public exploit is identified at time of analysis and the issue is not listed in CISA KEV, but its CVSS 3.0 base score of 8.8 and full-impact (C:H/I:H/A:H) profile mark it as high priority for any exposed deployment.

SQLi RCE Netvault Backup
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

Remote code execution in Quest NetVault Backup arises from a SQL injection flaw in the handling of NVBULibrarySlot JSON-RPC messages, where a user-supplied string is concatenated into a SQL query without validation. Although the JSON-RPC interface nominally requires authentication, ZDI notes the existing authentication mechanism can be bypassed, so a remote attacker can reach the vulnerable code path and execute arbitrary code in the context of the NETWORK SERVICE account. No public exploit has been identified at time of analysis and the issue is not listed in CISA KEV; EPSS data was not provided.

SQLi RCE Netvault Backup
NVD
EPSS 1% CVSS 8.8
HIGH This Week

SQL injection in Quest NetVault Backup's NVBULibraryPort JSON-RPC handler allows remote attackers to execute arbitrary code as NETWORK SERVICE on affected installations. While exploitation nominally requires authentication (CVSS PR:L), the ZDI advisory states the existing authentication mechanism can be bypassed, effectively lowering the barrier to remote attackers. There is no public exploit identified at time of analysis and no CISA KEV listing, but the issue was coordinated through Trend Micro's Zero Day Initiative (ZDI-CAN-27631 / ZDI-26-373) and carries a CVSS 3.0 base score of 8.8.

SQLi RCE Netvault Backup
NVD
EPSS 1% CVSS 8.8
HIGH This Week

SQL injection leading to remote code execution affects Quest NetVault Backup, where the NVBURemovableMedia component fails to validate a user-supplied string before constructing SQL queries. Although authentication is nominally required, ZDI notes the existing authentication mechanism can be bypassed, effectively lowering the barrier to network-based attackers who can then execute code in the context of the NETWORK SERVICE account. No public exploit identified at time of analysis; the issue was reported privately by Trend Micro's Zero Day Initiative (ZDI-CAN-27632 / ZDI-26-372).

SQLi RCE Netvault Backup
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Remote code execution in Quest NetVault Backup arises from SQL injection in the NVBUDeviceDrive JSON-RPC message handler, where a user-supplied string is concatenated into a SQL query without validation (CWE-89). Although the product requires authentication, the existing authentication mechanism can be bypassed, so remote attackers can reach the flaw and execute arbitrary code in the context of the NETWORK SERVICE account. Discovered and reported through Trend Micro's Zero Day Initiative (ZDI-26-371, formerly ZDI-CAN-27633); no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

SQLi RCE Netvault Backup
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

Remote code execution in Quest NetVault Backup arises from SQL injection in the NVBURASDevice JSON-RPC message handler, where attacker-controlled input is concatenated into SQL queries. Although authentication is nominally required, ZDI notes the existing authentication mechanism can be bypassed, so attackers can reach the vulnerable endpoint and execute code in the NETWORK SERVICE context. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; it was reported privately via Trend Micro's Zero Day Initiative (ZDI-26-370 / ZDI-CAN-27648).

SQLi RCE Netvault Backup
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Authentication bypass via cross-site scripting in Quest NetVault Backup's addclient3 webpage allows remote attackers to inject arbitrary script that executes in a victim's authenticated session, bypassing access controls. Disclosed through Trend Micro's Zero Day Initiative (ZDI-26-369, formerly ZDI-CAN-27666), the flaw requires user interaction - the target must visit a malicious page or open a malicious file - and can be chained with other weaknesses to achieve code execution in the SYSTEM context. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, though the high CVSS of 8.8 reflects the serious downstream RCE potential.

Authentication Bypass XSS RCE +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

SQL injection leading to remote code execution in Quest NetVault Backup allows attackers to run arbitrary code as the NETWORK SERVICE account by sending crafted JSON-RPC messages to the NVBUDashboard component. While the JSON-RPC interface nominally requires authentication, ZDI reports the existing authentication mechanism can be bypassed, effectively lowering the access barrier. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but it was responsibly disclosed through Trend Micro's Zero Day Initiative (ZDI-26-368, formerly ZDI-CAN-27809).

SQLi RCE Netvault Backup
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Authentication bypass via cross-site scripting in the Quest NetVault Backup viewclient web interface lets remote attackers inject arbitrary script that, when a victim visits a malicious page or opens a malicious file, runs in the application context and circumvents authentication. Disclosed through Trend Micro's Zero Day Initiative (ZDI-26-377, ZDI-CAN-28202), the flaw can be chained with additional vulnerabilities to achieve code execution as SYSTEM. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CVSS 8.8 rating reflects the high impact of the auth-bypass-plus-RCE chain.

Authentication Bypass XSS RCE +1
NVD
EPSS 16% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Netvault Backup
NVD
EPSS 5% CVSS 8.1
HIGH This Week

This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Netvault Backup
NVD
EPSS 67% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 16% CVSS 5.0
MEDIUM POC THREAT This Month

Dell Netvault Backup before 10.0.5 allows remote attackers to cause a denial of service (crash) via a crafted request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 16.2%.

Denial Of Service Dell Netvault Backup
NVD Exploit-DB
EPSS 11% CVSS 10.0
CRITICAL Act Now

Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.8% and no vendor patch available.

RCE Buffer Overflow Dell +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy