CVE-2018-25233

MEDIUM 6.2

WebDrive 18.00.5057 Denial of Service via Secure WebDAV

CVSS Score

6.2

EPSS Score

0.0%

EPSS Percentile

2th

WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV connection setup. Attackers can input a buffer-overflow payload of 5000 bytes in the username parameter and trigger a connection test to cause the application to crash.

CWE	CWE-233
Vendor	webdrive
Product	webdrive
Published	Mar 30, 2026
Last Updated	Mar 30, 2026

Stay Ahead of the Next One

Get instant alerts for webdrive webdrive

Be the first to know when new medium vulnerabilities affecting webdrive webdrive are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected Versions

Webdrive / WebDrive

18.00.5057

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/45761 webdrive.com: https://webdrive.com/ webdrive.com: https://webdrive.com/download/ vulncheck.com: https://www.vulncheck.com/advisories/webdrive-denial-of-service-via-secure-webdav

Credits

Victor Mondragón