ZDI-26-284: DriveLock Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of DriveLock. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2026-5487.
AI Analysis
Technical Summary
This vulnerability in DriveLock involves a directory traversal flaw in its web service component, which listens on TCP port 4568. Due to insufficient validation of user-supplied file paths, remote attackers can craft requests to access sensitive files outside the intended directory scope. No authentication is required to exploit this issue, allowing unauthorized information disclosure with the privileges of the service account. The Zero Day Initiative assigned a CVSS score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). DriveLock has released an update to fix the vulnerability.
Potential Impact
Successful exploitation allows remote attackers to disclose sensitive information from the affected DriveLock installation without authentication. The information is accessed with the permissions of the service account running the web service. There is no impact on integrity or availability reported.
Mitigation Recommendations
DriveLock has issued an official update that corrects this vulnerability. Users should apply the provided update from DriveLock as detailed in their security bulletin at https://www.drivelock.help/sb/Content/SecurityBulletins/26-003-PathValidation.htm to remediate this issue.
ZDI-26-284: DriveLock Directory Traversal Information Disclosure Vulnerability
Description
This vulnerability allows remote attackers to disclose sensitive information on affected installations of DriveLock. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2026-5487.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in DriveLock involves a directory traversal flaw in its web service component, which listens on TCP port 4568. Due to insufficient validation of user-supplied file paths, remote attackers can craft requests to access sensitive files outside the intended directory scope. No authentication is required to exploit this issue, allowing unauthorized information disclosure with the privileges of the service account. The Zero Day Initiative assigned a CVSS score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). DriveLock has released an update to fix the vulnerability.
Potential Impact
Successful exploitation allows remote attackers to disclose sensitive information from the affected DriveLock installation without authentication. The information is accessed with the permissions of the service account running the web service. There is no impact on integrity or availability reported.
Mitigation Recommendations
DriveLock has issued an official update that corrects this vulnerability. Users should apply the provided update from DriveLock as detailed in their security bulletin at https://www.drivelock.help/sb/Content/SecurityBulletins/26-003-PathValidation.htm to remediate this issue.
Technical Details
- Article Source
- {"url":"http://www.zerodayinitiative.com/advisories/ZDI-26-284/","fetched":true,"fetchedAt":"2026-05-26T19:58:13.175Z","wordCount":189}
Threat ID: 6a15fc93e29bf47b5055e03c
Added to database: 5/26/2026, 8:03:31 PM
Last enriched: 5/26/2026, 8:08:01 PM
Last updated: 5/27/2026, 5:02:10 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.