CVE-2018-25320

CRITICAL

ACL Analytics 11.x - 13.0.0.579 Arbitrary Code Execution

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25320. PoCs published by Clutchisback1.

AI-analyzed exploit summary This exploit leverages BITSAdmin to download a PowerShell reverse shell payload and execute it on a vulnerable ACL Analytics installation. The payload establishes a reverse shell to a specified IP and port.

Description

ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to establish reverse shells and gain complete system control.

Exploits (1)

exploitdb WORKING POC

by Clutchisback1 · textwebappswindows

https://www.exploit-db.com/exploits/44281

View Code ZIP pw:eip

This exploit leverages BITSAdmin to download a PowerShell reverse shell payload and execute it on a vulnerable ACL Analytics installation. The payload establishes a reverse shell to a specified IP and port.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: ACL Analytics 11.x - 13.0.0.579

No auth needed

Prerequisites: Network access to the target · Ability to host the PowerShell payload on an accessible server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed May 17, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-44281

https://www.exploit-db.com/exploits/44281

Product product

Official Product Homepage

https://www.acl.com

Product product

Product Reference

https://www.acl.com/products/acl-analytics/

Third Party Advisory third-party-advisory

VulnCheck Advisory: ACL Analytics 11.x - 13.0.0.579 Arbitrary Code Execution

https://www.vulncheck.com/advisories/acl-analytics-11-x-arbitrary-code-execution

Scores

CVSS v3 9.8

EPSS 0.0058

EPSS Percentile 42.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-94

Status published

Products (2)

acl/ACL Analytics 11.0 - 13.0.0.579

acl/ACL Analytics 11.x - 13.0.0.579

Published May 17, 2026

Tracked Since May 17, 2026