Description
Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the addclient3 webpage. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27666.
Published: 2026-06-24
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw lies in the addclient3 webpage of Quest NetVault Backup; an attacker can inject arbitrary script through lack of input validation, which enables cross‑site scripting (CWE‑79). The vulnerability also allows bypassing authentication when a user visits a malicious page or opens a malicious file. In combination with other weaknesses, the attacker may execute code in the context of SYSTEM.

Affected Systems

Quest NetVault Backup is affected; affected versions are not specified in the advisory.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity vulnerability. EPSS data is not available, and the issue is not listed in the CISA KEV catalog, but the requirement for user interaction means that exploitation depends on phishing or social engineering. The authentication bypass combined with XSS raises the risk of privilege escalation and remote code execution for attackers who can compromise the target environment.

Generated by OpenCVE AI on June 25, 2026 at 00:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest NetVault Backup patch that fixes the addclient3 page input validation issue.
  • Restrict or disable the addclient3 functionality if it is not required, or protect it behind stronger authentication measures.
  • Configure a web application firewall or input filtering solution to block XSS payloads targeting the addclient3 endpoint.

Generated by OpenCVE AI on June 25, 2026 at 00:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Description Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addclient3 webpage. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27666.
Title Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability
Weaknesses CWE-79
References
Metrics cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-06-24T23:13:55.522Z

Reserved: 2026-05-27T22:27:43.798Z

Link: CVE-2026-9780

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T00:45:05Z

Weaknesses
  • CWE-79

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')