Description
ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands via the xp_cmdshell stored procedure or add backdoor users to the BEDIENER table.
Published: 2026-04-22
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

ELBA5 5.8.0 permits remote attackers to retrieve database credentials and launch SYSTEM‑level commands by exploiting weak encryption, allowing the decryption of the DBA password and execution of system shell commands through the xp_cmdshell stored procedure or by adding backdoor users. The CWE‑326 weakness enables attackers to gain complete control over the application environment.

Affected Systems

The vulnerability affects Elba's ELBA5 software, specifically version 5.8.0, which uses default connector credentials to access the database. The attacker can manipulate the BEDIENER table and activate backdoor accounts.

Risk and Exploitability

The CVSS score of 9.3 classifies this flaw as critical. EPSS data is unavailable, and the vulnerability is not listed in CISA KEV, but the ability to connect with default credentials and decrypt keys makes exploitation likely over any exposed database interface. Attackers could achieve full system compromise without needing additional credentials.

Generated by OpenCVE AI on April 22, 2026 at 18:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a patched ELBA5 version that removes the default database connector credentials and secures encrypted keys
  • Replace or disable the xp_cmdshell stored procedure and enforce least‑privilege access for database roles
  • Restrict network access to the database server, allowing connections only from trusted hosts or internal networks

Generated by OpenCVE AI on April 22, 2026 at 18:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 22 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
Description ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands via the xp_cmdshell stored procedure or add backdoor users to the BEDIENER table.
Title ELBA5 5.8.0 Remote Code Execution via Database Access
Weaknesses CWE-326
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-22T18:37:38.333Z

Reserved: 2026-04-22T14:33:36.627Z

Link: CVE-2018-25272

cve-icon Vulnrichment

Updated: 2026-04-22T18:37:34.506Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-22T16:16:48.143

Modified: 2026-04-22T21:23:52.620

Link: CVE-2018-25272

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T18:30:23Z

Weaknesses