Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
WinRAR 7.23 Patches Critical Heap Overflow Vulnerability CVE-2024-XXXX
July 2, 2026
Medtronic Confirms Data Breach, Corporate IT Systems Compromised
July 2, 2026
Critical ClamAV Vulnerabilities Let Attackers Trigger DoS
July 2, 2026
Home/CyberSecurity News/Critical FileZen Vulnerability Lets Attackers Execute Arbitrary Commands
CyberSecurity News

Critical FileZen Vulnerability Lets Attackers Execute Arbitrary Commands

Key Takeaways A critical command injection vulnerability (CVE-2026-25108) has been discovered in Soliton Systems K.K.’s FileZen secure file transfer solution. The flaw, rated 8.8 CVSS v3.0,...

Sarah simpson
Sarah simpson
February 16, 2026 3 Min Read
44 0

Key Takeaways

  • A critical command injection vulnerability (CVE-2026-25108) has been discovered in Soliton Systems K.K.’s FileZen secure file transfer solution.
  • The flaw, rated 8.8 CVSS v3.0, allows authenticated attackers to execute arbitrary operating system commands.
  • Exploitation has been observed in the wild prior to patching, indicating active threats.
  • Affected versions include FileZen V5.0.0 through V5.0.10 and V4.2.1 through V4.2.8.
  • Users must upgrade to FileZen firmware V5.0.11 or later immediately to mitigate the risk.

Critical Flaw in Soliton FileZen Poses Severe Risk

A significant security vulnerability has been identified in the FileZen secure file transfer product developed by Soliton Systems K.K., potentially allowing malicious actors to gain unauthorized control over affected systems. This critical flaw, officially designated CVE-2026-25108, carries a severe CVSS v3.0 base score of 8.8, highlighting its high impact potential.

Table Of Content

  • Key Takeaways
  • Critical Flaw in Soliton FileZen Poses Severe Risk
  • Command Injection Leads to Arbitrary Code Execution
  • FileZen’s Role and Affected Versions
  • What You Should Do

Command Injection Leads to Arbitrary Code Execution

The core of the vulnerability lies in an OS command injection (CWE-78) flaw within FileZen’s processing architecture. Specifically, this weakness becomes exploitable when the “Antivirus Check Option” is activated. Attackers who have successfully authenticated to a vulnerable FileZen instance can leverage this by dispatching specially crafted HTTP requests. This action enables them to inject and execute arbitrary commands directly on the underlying operating system, effectively bypassing security controls.

Soliton Systems K.K. has confirmed that attempts to exploit this vulnerability were detected in active campaigns before a patch was made available. This indicates that threat actors were already leveraging the flaw, underscoring the urgency for immediate remediation.

FileZen’s Role and Affected Versions

FileZen serves as a crucial secure file transfer and sharing platform, widely deployed across enterprises for secure data exchange, both internally and with external partners. It is important to note that the FileZen S variant is not impacted by this particular vulnerability.

The table below details the affected FileZen versions:

CVE ID CVSS Description Affected Versions
CVE-2026-25108 8.8 (High) OS command injection enabling arbitrary execution. V5.0.0–V5.0.10, V4.2.1–V4.2.8

Once an authenticated attacker sends a malicious HTTP request, they can run commands at the OS level with elevated privileges. Successful exploitation could lead to a complete compromise of the appliance, allowing attackers to manipulate files, extract sensitive data, or establish persistent access for further network infiltration. Given that FileZen systems are often exposed to enterprise networks, the potential impact extends to significant risks concerning data confidentiality and system integrity, as detailed in the advisory published by Japan’s JPCERT/CC (JVN#84622767).

What You Should Do

  • Immediate Update: All FileZen users running affected versions (V5.0.0–V5.0.10 and V4.2.1–V4.2.8) must upgrade their firmware to FileZen version V5.0.11 or later without delay. This update contains the necessary security fixes to neutralize the OS command injection vulnerability.
  • Review Logs: Administrators should review system logs for any signs of unusual activity or unauthorized command execution, particularly if the “Antivirus Check Option” was enabled.
  • Implement Least Privilege: Ensure that all user accounts, especially those with access to FileZen, operate under the principle of least privilege to minimize the potential impact of compromised credentials.
  • Network Segmentation: Where possible, isolate FileZen instances within a segmented network zone to limit lateral movement in the event of a breach.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityVulnerability

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

Critical Airleader RCE Flaw (CVE-2023-41285) Exposes Systems

Next Post

LockBit 5.0 Ransomware Targets Windows, Linux, and ESXi Systems

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
WhatsApp Username Reservations Raise Security Concerns for 2 Billion Users
July 2, 2026
Alleged Scattered Spider Member Extradited to US for 100+ Network Hacks
July 2, 2026
CISA Warns of Exploited SimpleHelp Authentication Bypass Vulnerability
July 2, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us