EMC NetWorker 8.2.1.x < 220.127.116.11 / 9.0.x < 18.104.22.168 RCE
Critical Nessus Plugin ID 91813
SynopsisThe remote Windows host has an application installed that is affected by a remote code execution vulnerability.
DescriptionThe version of EMC NetWorker installed on the remote Windows host is 8.2.1.x prior to 22.214.171.124 or 9.0.x prior to 126.96.36.199. It is, therefore, affected by a remote code execution vulnerability due to improper handling of authentication. An unauthenticated, remote attacker can exploit this to execute arbitrary commands by leveraging access to a different NetWorker instance.
SolutionUpgrade to EMC NetWorker 188.8.131.52 / 184.108.40.206 / 220.127.116.11 or later.