FileZen OS Command Injection Risk: Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.7

FileZen OS Command Injection Risk: Unauthorized Access

Known exploited Exploitation likelihood: 19%

CVE-2026-25108 CVE-2026-25108

Summary

FileZen OS, made by Soliton Systems K.K, has a security weakness that could allow hackers to execute unauthorized system commands. This means a malicious user can potentially take control of the system or access sensitive data. Users should update their FileZen OS to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
soliton systems k.k	filezen	All versions	–
soliton	filezen	> 4.2.1 , <= 5.0.11	–

Original title

Soliton Systems K.K FileZen OS Command Injection Vulnerability

Original description

Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product and sends a specially crafted HTTP request.

Vulnerability type

CWE-78 OS Command Injection

https://jvn.jp/en/jp/JVN84622767/ Third Party Advisory
https://www.soliton.co.jp/support/2026/006657.html Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-... US Government Resource

Published: 24 Feb 2026 · Updated: 14 Mar 2026 · First seen: 6 Mar 2026