Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

NetDrive

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2016-20092
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.12% / 2.12%
||
7 Day CHG~0.00%
Published-19 Jun, 2026 | 14:16
Updated-23 Jun, 2026 | 03:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NetDrive 2.6.12 Unquoted Service Path Elevation of Privilege

NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2_Service_Netdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that will be executed during service startup or system reboot, resulting in privilege escalation.

Action-Not Available
Vendor-Netdrive
Product-NetDrive
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2025-2769
Assigner-Zero Day Initiative
ShareView Details
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.18% / 7.87%
||
7 Day CHG~0.00%
Published-23 Apr, 2025 | 16:51
Updated-14 Aug, 2025 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25295.

Action-Not Available
Vendor-bdriveBdrive
Product-netdriveNetDrive
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-2768
Assigner-Zero Day Initiative
ShareView Details
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.18% / 7.87%
||
7 Day CHG~0.00%
Published-23 Apr, 2025 | 16:51
Updated-14 Aug, 2025 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041.

Action-Not Available
Vendor-bdriveBdrive
Product-netdriveNetDrive
CWE ID-CWE-427
Uncontrolled Search Path Element