Summary
CISA reports active exploitation of a critical command injection vulnerability (CVE-2026-25108) in Soliton Systems' FileZen following reports of active exploitation and potential ransomware links. The flaw allows authenticated attackers to execute arbitrary OS commands on appliances with antivirus scanning enabled.
Take Action:
Update your FileZen appliances to version 5.0.11 ASAP and reset all user passwords to block attackers using stolen credentials. Check your system directory logs for any unauthorized file changes to confirm if your system was already compromised. Isolation is not really an option, since this platform is designed to be accessible by external users.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)