CVE-2018-25272
published 2026-04-22CVE-2018-25272: ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM…
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.42%
33.8th percentile
ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands via the xp_cmdshell stored procedure or add backdoor users to the BEDIENER table.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elba | elba5 | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7xhq-2xxj-qpp5: ELBA5 5
ghsa_unreviewed·2026-04-22
CVE-2018-25272 [CRITICAL] CWE-326 GHSA-7xhq-2xxj-qpp5: ELBA5 5
ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands via the xp_cmdshell stored procedure or add backdoor users to the BEDIENER table.
VulDB
Elba ELBA5 5.8.0 xp_cmdshell information disclosure (Exploit 45905)
vuldb·2026-04-22·CVSS 9.3
CVE-2018-25272 [CRITICAL] Elba ELBA5 5.8.0 xp_cmdshell information disclosure (Exploit 45905)
A vulnerability categorized as problematic has been discovered in Elba ELBA5 5.8.0. Impacted is the function xp_cmdshell. The manipulation results in information disclosure.
This vulnerability was named CVE-2018-25272. The attack may be performed from remote. In addition, an exploit is available.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-04-22
Published