AdminExpress Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in AdminExpress version 1.2.5.485. This vulnerability allows local attackers to crash the application by sending oversized input through the 'System Compare' feature. By pasting a large buffer of characters into the 'Folder Path' field and activating the comparison function, the application becomes unresponsive or crashes.

Impact

Exploitation of this vulnerability leads to a crash of the application, causing it to become unresponsive.

Reproduction

To reproduce this vulnerability, open AdminExpress 1.2.5 and navigate to the 'System Compare' feature. Paste a large buffer of characters into the 'Folder Path' field. Then, click the scales icon next to the 'Folder Path' field to trigger the comparison. The application will become unresponsive or crash.
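The advisory does not state the root cause of the crash. As an added example (not AdminExpress code), the following C sketch shows one defensive pattern for this class of bug: bounding and validating text from a 'Folder Path' style field before it reaches any comparison logic. The function name, status codes and the 260-character limit (the classic Windows MAX_PATH) are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit: classic Windows MAX_PATH (260 chars including the NUL). */
#define FOLDER_PATH_MAX 260

enum path_status { PATH_OK = 0, PATH_BAD_ARG, PATH_EMPTY, PATH_TOO_LONG, PATH_BAD_CHAR };

/*
 * Hypothetical handler for text taken from a 'Folder Path' style field.
 * `len` is the length reported by the UI control, so the function never
 * scans untrusted data for a terminator. On success the path is copied
 * into `out` (capacity `out_cap`) and NUL-terminated.
 */
enum path_status check_folder_path(const char *in, size_t len,
                                   char *out, size_t out_cap)
{
    if (in == NULL || out == NULL || out_cap == 0)
        return PATH_BAD_ARG;
    out[0] = '\0';                 /* caller never sees stale data on failure */
    if (len == 0)
        return PATH_EMPTY;
    /* Reject before copying: oversized input never reaches a fixed buffer. */
    if (len >= FOLDER_PATH_MAX || len >= out_cap)
        return PATH_TOO_LONG;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)in[i];
        /* Control bytes (embedded NUL included) and these characters
         * are not valid in Windows paths. */
        if (c < 0x20 || strchr("<>\"|?*", c) != NULL)
            return PATH_BAD_CHAR;
    }
    memcpy(out, in, len);
    out[len] = '\0';
    return PATH_OK;
}

int main(void)
{
    char pasted[5000];             /* constructed sample: oversized field content */
    char path[FOLDER_PATH_MAX];
    memset(pasted, 'A', sizeof pasted);
    enum path_status st = check_folder_path(pasted, sizeof pasted, path, sizeof path);
    printf("oversized input -> status %d (rejected before use)\n", (int)st);
    return st == PATH_TOO_LONG ? 0 : 1;
}
```

Setting a maximum text length on the input control itself is a complementary measure, but the check at the point of use still matters because pasted or programmatically set text can bypass UI limits.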

Added: Mar 22, 2026, 2:21 PM
Updated: Mar 22, 2026, 2:21 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 4.5
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.