Vulnerability in Netdrive
CVE-2016-20092
NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2_Service_Netdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system r…
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Netdrive — versions 2.6.12
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)
Frequently asked questions
- What is CVE-2016-20092?
- CVE-2016-20092 is a high-severity vulnerability in Netdrive, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-06-19.
- How severe is CVE-2016-20092?
- High severity. CVSS v3 base score is 7.8 out of 10.