Critical Command Injection Flaw in Soliton Systems’ FileZen Exposes Enterprises to Remote Attacks
A severe vulnerability (CVE-2026-25108) has been identified in Soliton Systems K.K.’s FileZen file transfer solution, enabling authenticated attackers to execute arbitrary system commands on affected installations. The flaw, rated 8.8 (High) on the CVSS v3.0 scale, stems from an OS command injection (CWE-78) vulnerability in the platform’s Antivirus Check Option processing mechanism.
Exploitation requires authenticated access, but attackers can trigger the flaw by sending specially crafted HTTP requests to a vulnerable FileZen instance, gaining execution privileges on the underlying OS. Successful exploitation could lead to full system compromise, unauthorized file manipulation, or persistent network access for further attacks.
Affected Versions:
- V5.0.0–V5.0.10
- V4.2.1–V4.2.8
Soliton Systems confirmed that active exploitation attempts have been observed in the wild, underscoring the urgency of patching. The company clarified that FileZen S, a separate variant, remains unaffected.
The vulnerability was disclosed via Japan’s JPCERT/CC (JVN#84622767), highlighting risks to data confidentiality and system integrity particularly for enterprises using FileZen for secure file transfers across internal and external networks.
A firmware update (V5.0.11 or later) has been released to mitigate the flaw by neutralizing the command injection vector. Organizations using affected versions are advised to apply the patch immediately.
Source: https://cybersecuritynews.com/filezen-file-transfer-app-vulnerability/
Soliton Systems K.K. TPRM report: https://www.rankiteo.com/company/soliton-systems-europe
"id": "sol1771244668",
"linkid": "soliton-systems-europe",
"type": "Vulnerability",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Technology (File Transfer Solutions)',
'location': 'Japan',
'name': 'Soliton Systems K.K.',
'type': 'Company'}],
'attack_vector': 'HTTP Requests',
'description': 'A severe vulnerability (CVE-2026-25108) has been identified '
'in Soliton Systems K.K.’s FileZen file transfer solution, '
'enabling authenticated attackers to execute arbitrary system '
'commands on affected installations. The flaw, rated 8.8 '
'(High) on the CVSS v3.0 scale, stems from an OS command '
'injection (CWE-78) vulnerability in the platform’s Antivirus '
'Check Option processing mechanism. Exploitation requires '
'authenticated access, but attackers can trigger the flaw by '
'sending specially crafted HTTP requests to a vulnerable '
'FileZen instance, gaining execution privileges on the '
'underlying OS. Successful exploitation could lead to full '
'system compromise, unauthorized file manipulation, or '
'persistent network access for further attacks.',
'impact': {'data_compromised': 'Data confidentiality and system integrity',
'operational_impact': 'Full system compromise, unauthorized file '
'manipulation, persistent network access',
'systems_affected': 'FileZen file transfer solution '
'(V5.0.0–V5.0.10, V4.2.1–V4.2.8)'},
'post_incident_analysis': {'corrective_actions': 'Firmware update to '
'neutralize the command '
'injection vector',
'root_causes': 'OS command injection vulnerability '
'in the Antivirus Check Option '
'processing mechanism'},
'recommendations': 'Organizations using affected versions are advised to '
'apply the patch immediately.',
'references': [{'source': 'JPCERT/CC'}],
'regulatory_compliance': {'regulatory_notifications': 'Disclosed via Japan’s '
'JPCERT/CC '
'(JVN#84622767)'},
'response': {'containment_measures': 'Firmware update (V5.0.11 or later) '
'released to mitigate the flaw',
'remediation_measures': 'Apply firmware update (V5.0.11 or '
'later)'},
'title': 'Critical Command Injection Flaw in Soliton Systems’ FileZen Exposes '
'Enterprises to Remote Attacks',
'type': 'Command Injection',
'vulnerability_exploited': 'CVE-2026-25108 (OS Command Injection - CWE-78)'}