What is CVE-2018-25310?

CVE-2018-25310 is a medium-severity vulnerability in Videoflow Ltd. Digital Video Protection, classified under Cross-Site Request Forgery (CSRF). CVSS score: 4.3/10. Published 2026-04-29.

How severe is CVE-2018-25310?

Medium severity. CVSS v3 base score is 4.3 out of 10.

CSRF in Videoflow Ltd. Digital Video Protection

CVE-2018-25310

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web m…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.000 (13.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N.

Affected products

Videoflow Ltd. Digital Video Protection — versions 2.10, 1.40.0.15, 2.10.0.5

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

ExploitDB-44387 (exploit)
Vulnerability Advisory (vendor-advisory)
VulnCheck Advisory: VideoFlow Digital Video Protection DVP 10 Authenticated Remote Code Execution (third-party-advisory)
134c704f-9b21-4f2e-91b3-4a467353bcc0

Frequently asked questions

What is CVE-2018-25310?: CVE-2018-25310 is a medium-severity vulnerability in Videoflow Ltd. Digital Video Protection, classified under Cross-Site Request Forgery (CSRF). CVSS score: 4.3/10. Published 2026-04-29.
How severe is CVE-2018-25310?: Medium severity. CVSS v3 base score is 4.3 out of 10.