Unrated severityCISA KEVNVD Advisory· Published May 31, 2018· Updated Oct 21, 2025

CVE-2018-11138

Description

The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/44950/mitreexploitx_refsource_EXPLOIT-DB
www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilitiesmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.060