The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Tuesday added a just lately disclosed vulnerability in FileZen to its Identified Exploited Vulnerabilities (KEV) catalog, citing proof of energetic exploitation.
The vulnerability, tracked as CVE-2026-25108 (CVSS v4 rating: 8.7), is a case of working system (OS) command injection that might permit an authenticated person to execute arbitrary instructions through specifically crafted HTTP requests.
“Soliton Programs Ok.Ok FileZen accommodates an OS command injection vulnerability when a person logs-in to the affected product and sends a specifically crafted HTTP request,” CISA mentioned.
In line with the Japan Vulnerability Notes (JVN), the vulnerability impacts the next variations of the file switch product –
- Variations 4.2.1 to 4.2.8
- Variations 5.0.0 to five.0.10
Soliton famous in its advisory that profitable exploitation of the problem is just potential when FileZen Antivirus Verify Possibility is enabled, including it has “acquired at the very least one report of harm attributable to the exploitation of this vulnerability.”
The Japanese know-how firm additionally revealed {that a} dangerous actor should check in to the online interface with basic person privileges to have the ability to pull off an assault. Customers are suggested to replace to model 5.0.11 or later to mitigate the menace.
“If in case you have been attacked or suspect that you’ve been victimized by this vulnerability, please think about not solely updating to V5.0.11 or later, but additionally altering all person passwords as a precaution, as an attacker can go online with at the very least one actual account,” it added.
Federal Civilian Govt Department (FCEB) companies are suggested to use the required fixes by March 17, 2026, to safe their networks.
