Home

Description

ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to establish reverse shells and gain complete system control.

PUBLISHED Reserved 2026-05-17 | Published 2026-05-17 | Updated 2026-05-18 | Assigner VulnCheck




CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Improper Control of Generation of Code ('Code Injection')

Product status

11.x - 13.0.0.579
affected

Credits

Clutchisback1 finder

References

www.exploit-db.com/exploits/44281 (ExploitDB-44281) exploit

www.acl.com (Official Product Homepage) product

www.acl.com/products/acl-analytics/ (Product Reference) product

www.vulncheck.com/...analytics-11-x-arbitrary-code-execution (VulnCheck Advisory: ACL Analytics 11.x - 13.0.0.579 Arbitrary Code Execution) third-party-advisory

cve.org (CVE-2018-25320)

nvd.nist.gov (CVE-2018-25320)

Download JSON