Date:2025/05/21
【Vulnerability Alert】KFOX Information KFOX has an Arbitrary File Upload vulnerability
- Subject Description: 【Vulnerability Alert】 KFOX Information KFOX has an Arbitrary File Upload vulnerability
- Content Description:
- Forwarded by Taiwan Computer Network Crisis Handling and Coordination Center TWCERTCC-200-202505-00000013
- [KFOX Information KFOX - Arbitrary File Upload] (CVE-2025-4561, CVSS: 8.8) KFOX Information KFOX has an Arbitrary File Upload vulnerability. Remote attackers with general permissions can upload and execute web backdoor programs, thereby executing arbitrary code on the server side.
- Affected Platforms:
- KFOX version 2.6 and earlier
- Recommended Actions:
- Please contact KFOX Information customer service for updates and patches
- Reference Information:
- KFOX Information KFOX - Arbitrary File Upload: https://www.twcert.org.tw/tw/cp-132-10120-269d9-1.html
Network System Division
Computer and Communication Center9
