CVE-2026-25108

CVSS 8.7 HIGHEPSS 5.0%● KEVCWE-78

Vexday Risk Score

51Attention

SSVC decision (CISA)

Act

Exploitation + impact → act immediately

CVSS 8.7EPSS 5.0%KEV simPoC —Nuclei —Metasploit —Patch —

Lifecycle

13 Feb 2026Published on NVD

24 Feb 2026Active exploitation (CISA KEV)

Recommendation: Patch as soon as possible — active exploitation confirmed.

In short

FileZen has a flaw that allows a logged-in user to run unauthorized commands on the server by sending specially crafted requests when the Antivirus Check feature is enabled. This lets attackers take control of the system.

Technical detail

OS command injection vulnerability (CWE-78) in FileZen's Antivirus Check feature allows authenticated users to execute arbitrary OS commands via maliciously crafted HTTP requests. Exploitation requires valid user credentials and the feature to be enabled; successful exploitation grants command execution with application privileges.

Summary generated and translated by AI from the official description.

FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Soliton Systems K.K. · FileZen

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jvn.jp/en/jp/JVN84622767/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-25108 https://www.soliton.co.jp/support/2026/006657.html