| TVN ID | TVN-202505013 |
|---|---|
| CVE ID | CVE-2025-4561 |
| CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | KFOX version 2.6 and earlier |
| Description | The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. |
| Solution | Please contact Kinfor customer service to arrange for the update and patching process. |
| Credit | Security member |
| Public Date | 2025-05-12 |
:::