A critical security vulnerability in FileZen, the popular file transfer appliance from Soliton Systems K.K., is currently under active attack. In a new security advisory, JPCERT/CC has sounded the alarm regarding CVE-2026-25108, an OS command injection flaw that allows attackers to execute arbitrary commands on the server.
With a CVSS score of 8.8, the vulnerability poses a significant risk to organizations relying on the platform for secure file sharing. Most concerning is the confirmation that adversaries are already using it in the wild.
“The developer states that attacks exploiting the vulnerability has been observed,” the advisory warns.
This confirmation of active exploitation transforms the update from a routine maintenance task into an emergency patch scenario.
The vulnerability specifically impacts FileZen’s interaction with its antivirus components. The flaw is not present in the default configuration but becomes exposed when a specific security feature is turned on.
“This vulnerability can be exploited when FileZen Antivirus Check Option is enabled,” the report explains.
While this condition might limit the attack surface to organizations prioritizing security scanning, those are precisely the targets that likely hold the most sensitive data.
To trigger the exploit, an attacker needs access to the system, but the barrier is relatively low. The advisory notes that the attack vector involves an authenticated user sending a manipulated request.
“If a user logs-in to the affected product and sends a specially crafted HTTP request, an arbitrary OS command may be executed,” JPCERT/CC states.
This means a compromised user account, or a malicious insider, could escalate their privileges to execute commands directly on the operating system, potentially leading to a full system takeover.
The vulnerability affects FileZen versions V5.0.0 through V5.0.10 and V4.2.1 through V4.2.8. Soliton Systems has released a fix, and administrators are urged to upgrade to FileZen V5.0.11 immediately to close the security gap.