CVE-2018-25272 in ELBA5المعلومات

الملخص

بحسب MITRE • 22/04/2026

ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands via the xp_cmdshell stored procedure or add backdoor users to the BEDIENER table.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

22/04/2026

إفشاء

22/04/2026

الاعتدال

تمت الموافقة

إدخال

VDB-358969

CPE

جاهز

CWE

CWE-912 (غير مؤكد)

استغلال

تحميل

CVSS

9.8 (CNA)

EPSS

0.00111

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-25272
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-25272
CVE Details	https://www.cvedetails.com/cve/CVE-2018-25272/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!