Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
CVE-2018-25320: ACL Analytics versions 11.x - 13.0.0.579 allow attackers to run malicious commands
CVE-2018-25320
Summary
Some versions of ACL Analytics have a security weakness that could allow attackers to run their own commands on the system, potentially gaining control. This means that sensitive data could be accessed or modified. To protect yourself, update to the latest version of ACL Analytics as soon as possible.
Original title
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers ca...
Original description
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to establish reverse shells and gain complete system control.
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-94
Code Injection
Published: 17 May 2026 · Updated: 30 May 2026 · First seen: 17 May 2026