CVE-2026-25108
Awaiting Analysis Awaiting Analysis - Queue
OS Command Injection in FileZen Virus Check Enables Remote Execution

Publication date: 2026-02-13

Last updated on: 2026-02-24

Assigner: JPCERT/CC

Description
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-13
Last Modified
2026-02-24
Generated
2026-06-16
AI Q&A
2026-02-13
EPSS Evaluated
2026-06-15
NVD
CVE-2026-25108
EUVD
EUVD-2026-6172
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
soliton filezen From 4.2.1 (inc) to 5.0.11 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-25108 is an OS command injection vulnerability found in FileZen, a product by Soliton Systems K.K. This vulnerability occurs when the FileZen virus check option is enabled. A logged-in user can send a specially crafted HTTP request that allows them to execute arbitrary operating system commands on the affected system.

The affected versions include FileZen V5.0.0 to V5.0.10 and V4.2.1 to V4.2.8, while FileZen S is not affected. The vulnerability requires that the attacker has valid user login access, either through leaked credentials or by guessing user ID and password.

This vulnerability has a high severity score (CVSS v3.0 base score of 8.8) and has been exploited in the wild. It was fixed in FileZen version 5.0.11.

Impact Analysis

This vulnerability allows a remote attacker with valid user credentials to execute arbitrary operating system commands on the FileZen system. This can lead to unauthorized control over the system, potentially compromising confidentiality, integrity, and availability of data and services.

Exploitation can result in unauthorized access, data breaches, system disruption, or further attacks within the network. Since the attacker can run OS commands, they might install malware, steal sensitive information, or disrupt normal operations.

There is no workaround for affected versions, so users must upgrade to FileZen V5.0.11 or later to mitigate the risk. Additionally, it is recommended to reset all user passwords due to the risk of compromised accounts.

Compliance Impact

I don't know

Detection Guidance

The product lacks explicit detection features for exploitation of this vulnerability.

However, its system directory file monitoring may log suspicious file operations, which can be reviewed via support channels.

No specific commands for detection are provided in the available resources.

Mitigation Strategies

Users must upgrade FileZen to version 5.0.11 or later, as this version fixes the vulnerability.

Consider resetting all user passwords due to the risk of compromised accounts.

Follow additional security recommendations provided in the vendor’s FAQ and contact support if needed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25108. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart