← back
CVE-2018-25233

WebDrive 18.00.5057 Denial of Service via Secure WebDAV

CVSS 6.9 MEDIUMEPSS 0.2%CWE-233
WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV connection setup. Attackers can input a buffer-overflow payload of 5000 bytes in the username parameter and trigger a connection test to cause the application to crash.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
Webdrive · WebDrive
public PoCs found1
cve_referencewww.exploit-db.com/exploits/45761unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://webdrive.com/https://webdrive.com/download/https://www.exploit-db.com/exploits/45761https://www.vulncheck.com/advisories/webdrive-denial-of-service-via-secure-webdav