CVE-2018-25272 in ELBA5信息

摘要

由 MITRE • 2026-04-22

ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands via the xp_cmdshell stored procedure or add backdoor users to the BEDIENER table.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

负责

VulnCheck

预定

2026-04-22

披露

2026-04-22

管理

已接受

条目

VDB-358969

CPE

准备好

CWE

CWE-912 (未确认)

利用

下载

CVSS

9.8 (CNA)

EPSS

0.00111

KEV

否

活动

非常低

来源

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-25272
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-25272
CVE Details	https://www.cvedetails.com/cve/CVE-2018-25272/

◂ 上一步一览下一步 ▸

Do you need the next level of professionalism?

Upgrade your account now!