Soliton Systems K.K FileZen 5.0.11 mitigation advisory
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Soliton Systems K.K advised FileZen users to upgrade to version 5.0.11 or later and change passwords after exploitation reports, reducing risk from CVE-2026-25108 on affected deployments.
Related Happenings
Soliton Systems FileZen arbitrary command injection flaw (CVE-2026-25108)
Vulnerability
First: 16.02.2026 23:10
Last: 16.02.2026 23:10
Sources 1
How related:
The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute arbitrary commands via specially crafted HTTP requests.
About this happening:
**CVE-2026-25108** in **Soliton Systems’ FileZen products** was being **actively exploited**, creating immediate command-execution risk for affected deployments. The flaw is an **...
Soliton Systems FileZen arbitrary command injection flaw (CVE-2026-25108)
VulnerabilityHow related: The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute arbitrary commands via specially crafted HTTP requests.
About this happening: **CVE-2026-25108** in **Soliton Systems’ FileZen products** was being **actively exploited**, creating immediate command-execution risk for affected deployments. The flaw is an **...
Timeline
-
25.02.2026 07:23 1 articles · 3mo ago
CISA adds FileZen CVE-2026-25108 to KEV catalog
Initial DisclosureCISA added CVE-2026-25108 in Soliton Systems K.K FileZen to the Known Exploited Vulnerabilities catalog after evidence of active exploitation. The OS command injection flaw affects FileZen 4.2.1 to 4.2.8 and 5.0.0 to 5.0.10 and can let an authenticated user execute arbitrary commands via specially crafted HTTP requests.
Show sources
- CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability — thehackernews.com — 25.02.2026 07:23
-
25.02.2026 02:00 2 articles · 3mo ago
Soliton advises FileZen 5.0.11 upgrade and password reset
Mitigation Patch UpdateSoliton Systems K.K advised FileZen users to upgrade to version 5.0.11 or later and change all user passwords after reports of exploitation tied to CVE-2026-25108; successful exploitation requires FileZen Antivirus Check Option to be enabled and a signed-in user with general privileges, and Federal Civilian Executive Branch agencies were told to apply fixes by March 17, 2026.
Show sources
- CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability — thehackernews.com — 25.02.2026 07:23
- CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability — thehackernews.com — 25.02.2026 07:23