VYPR
Vendor

FileZen

Products
1
CVEs
10
Across products
10
Status
Private

Products

1

Recent CVEs

10
  • CVE-2020-5639CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.05

    Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed.

  • CVE-2018-0694CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

  • CVE-2024-8058HigDec 16, 2024
    risk 0.49cvss 7.6epss 0.00

    An improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading.

  • CVE-2018-0693HigNov 15, 2018
    risk 0.49cvss 7.5epss 0.02

    Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors.

  • CVE-2021-20655HigFeb 17, 2021
    risk 0.47cvss 7.2epss 0.04

    FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.

  • CVE-2025-6249MedJul 17, 2025
    risk 0.44cvss 6.7epss 0.00

    An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data.

  • CVE-2025-2070MedApr 25, 2025
    risk 0.33cvss 5.0epss 0.00

    An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user.

  • CVE-2025-2069MedApr 25, 2025
    risk 0.33cvss 5.0epss 0.00

    A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user.

  • CVE-2025-2068MedApr 25, 2025
    risk 0.33cvss 5.0epss 0.00

    An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user.

  • CVE-2026-25108KEVFeb 13, 2026
    risk 0.13cvss epss 0.05

    FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.