Article: CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

Meridiano

Add Article

Image for Article: CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

Article Details

Title

Article: CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

Impact Score

5 / 10

AI Summary (Processed Content)

CISA has added a critical OS command injection vulnerability (CVE-2026-25108) in Soliton Systems' FileZen software to its Known Exploited Vulnerabilities catalog due to active exploitation. The flaw allows authenticated users to execute arbitrary commands and affects specific versions of the file transfer product when its Antivirus Check Option is enabled. The vendor advises updating to version 5.0.11 or later and changing all user passwords, while U.S. federal agencies have a remediation deadline of March 17, 2026. The main topics covered are the vulnerability's technical details, affected versions, exploitation conditions, and recommended mitigation steps.

Original URL

https://thehackernews.com/2026/02/cisa-confirms-active-exploitation-of.html

Source Feed

The Hacker News

Published Date

2026-02-25 05:23

Fetched Date

2026-03-04 13:39

Processed Date

2026-03-04 13:55

Embedding Status

Present

Cluster ID

Not Clustered

Raw Extracted Content

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute arbitrary commands via specially crafted HTTP requests.
"Soliton Systems K.K FileZen contains an OS command injection vulnerability when a user logs-in to the affected product and sends a specially crafted HTTP request," CISA said.
According to the Japan Vulnerability Notes (JVN), the vulnerability affects the following versions of the file transfer product -
- Versions 4.2.1 to 4.2.8
- Versions 5.0.0 to 5.0.10
Soliton noted in its advisory that successful exploitation of the issue is only possible when FileZen Antivirus Check Option is enabled, adding it has "received at least one report of damage caused by the exploitation of this vulnerability."
The Japanese technology company also revealed that a bad actor must sign in to the web interface with general user privileges to be able to pull off an attack. Users are advised to update to version 5.0.11 or later to mitigate the threat.
"If you have been attacked or suspect that you have been victimized by this vulnerability, please consider not only updating to V5.0.11 or later, but also changing all user passwords as a precaution, as an attacker can log on with at least one real account," it added.
Federal Civilian Executive Branch (FCEB) agencies are advised to apply the necessary fixes by March 17, 2026, to secure their networks.