【Vulnerability Alert】KFOX Information KFOX has an Arbitrary File Upload vulnerability

• Subject Description: 【Vulnerability Alert】 KFOX Information KFOX has an Arbitrary File Upload vulnerability
• Content Description:
  • Forwarded by Taiwan Computer Network Crisis Handling and Coordination Center TWCERTCC-200-202505-00000013
  • [KFOX Information KFOX - Arbitrary File Upload] (CVE-2025-4561, CVSS: 8.8) KFOX Information KFOX has an Arbitrary File Upload vulnerability. Remote attackers with general permissions can upload and execute web backdoor programs, thereby executing arbitrary code on the server side.
• Affected Platforms:
  • KFOX version 2.6 and earlier
• Recommended Actions:
  • Please contact KFOX Information customer service for updates and patches
• Reference Information:
  • KFOX Information KFOX - Arbitrary File Upload: https://www.twcert.org.tw/tw/cp-132-10120-269d9-1.html

Network System Division
Computer and Communication Center9