FileZen, a well-known file transfer program from Japan's Soliton Systems K.K., has a serious flaw that allows authenticated attackers to run arbitrary operating system commands on servers that are susceptible This article explores filezen versions secure. . This OS command injection vulnerability, identified as CVE-2026-25108, has a high CVSS score of 8.8 (v3.0) and 8.7 (v4.0).

Businesses that handle sensitive file transfers, particularly those that have the Antivirus Check Option enabled, are seriously at risk from it. When attackers with legitimate login credentials send specially constructed HTTP requests, the problem occurs. This inserts malicious commands that run with the app's privileges by taking advantage of a flaw in the way FileZen handles inputs during antivirus scanning. Attackers may install malware, steal data, or take over the system entirely.

Published on February 13, 2026, Japan's Vulnerability Notes (JVN) advisory affirms that attempts at real-world exploitation are occurring and calls for prompt action. FileZen versions V-4.2.1 to V-4.2.8 and V-5.0.0 to V-5.0.10 are impacted. FileZen S versions are still secure.

Although there is currently no publicly available exploit code, it is risky in shared environments due to its low barrier, which only requires authentication. CVE ID CVSS v3.0 Score CVSS v4.0 Score Description CVE-2026-25108 8.8 (High) 8.7 (Critical) OS command injection in FileZen; when Antivirus Check Option is enabled, authenticated attackers use crafted HTTP requests to carry out arbitrary commands. By giving attackers system-level access to the application, exploitation puts confidentiality, availability, and integrity at complete risk. After collaborating with JPCERT/CC as part of Japan's early warning partnership, Soliton Systems patched it in V-5.0.11.

Without affecting essential features, the fix stops the injection path. Organizations need to upgrade right away, giving active antivirus scanning setups top priority. Examine logs from mid-February 2026 for strange logins, questionable HTTP traffic, or command artifacts.

Japanese-specific advice, including IOCs for unsuccessful exploits, is provided by JPCERT/CC's alert JPCERT-AT-2026-0004. This defect draws attention to dangers in file transfer programs that have built-in scanning. Although it decreases exposure until patching, turning off the antivirus check option does not replace updates. Secure defaults in upcoming releases are emphasized by vendors such as Soliton.

Make ZeroOwl your preferred source in Google