CVE-2018-5404

MEDIUM

Quest Kace K1000 <9.0.270 - Blind SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-5404.

AI-analyzed exploit summary The exploit demonstrates Blind SQL Injection vulnerabilities in Dell KACE K1000 Appliance via the 'selvalue' parameter in 'ajax_lookup_list.php' and the 'ID' parameter in 'oval_detail.php'. It includes detailed steps to confirm the vulnerabilities and potential exploitation using SQLMap.

Description

The Quest Kace K1000 Appliance, versions prior to 9.0.270, allows an authenticated, remote attacker with least privileges ('User Console Only' role) to potentially exploit multiple Blind SQL Injection vulnerabilities to retrieve sensitive information from the database or copy the entire database. An authenticated remote attacker could leverage Blind SQL injections to obtain sensitive data.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/46956

View Code ZIP pw:eip

The exploit demonstrates Blind SQL Injection vulnerabilities in Dell KACE K1000 Appliance via the 'selvalue' parameter in 'ajax_lookup_list.php' and the 'ID' parameter in 'oval_detail.php'. It includes detailed steps to confirm the vulnerabilities and potential exploitation using SQLMap.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Dell KACE K1000 Appliance (versions prior to 9.0.270 PATCH SEC2018_20180410)

Auth required

Prerequisites: Authenticated user with 'User Console Only' rights for 'ajax_lookup_list.php' · Authenticated user with 'Read Only Administrator' rights for 'oval_detail.php'

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

https://www.kb.cert.org/vuls/id/877837/

Vendor Advisory x_refsource_confirm

https://support.quest.com/kb/288310/cert-coordination-center-report-update

Scores

CVSS v3 6.5

EPSS 0.0384

EPSS Percentile 88.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-89

Status published

Products (1)

quest/kace_systems_management_appliance_firmware < 9.0.270

Published Jun 03, 2019

Tracked Since Feb 18, 2026