CVE-2025-8356
Xerox FreeFlow Core 8.0.5前版本存在路径遍历漏洞,可致远程代码执行。攻击者可上传文件、进行路径操作并执行任意命令。建议升级至8.0.5或更高版本以修复问题。 2025-8-11 21:41:58 Author: horizon3.ai(查看原文) 阅读量:16 收藏
Xerox FreeFlow Core 8.0.5前版本存在路径遍历漏洞,可致远程代码执行。攻击者可上传文件、进行路径操作并执行任意命令。建议升级至8.0.5或更高版本以修复问题。 2025-8-11 21:41:58 Author: horizon3.ai(查看原文) 阅读量:16 收藏
Xerox FreeFlow Core Remote Code Execution Vulnerability
Xerox FreeFlow Core versions prior to 8.0.5 contain a path traversal vulnerability that can lead to remote code execution.
Exploiting this vulnerability could enable an attacker to upload files, perform path traversal operations, and execute arbitrary commands on the affected system.
Mitigations
- Upgrade to version 8.0.5 or later.
Rapid Response N-Day Testing
References
Read about other CVEs
NodeZero® Platform
Implement a continuous find, fix, and verify loop with NodeZero
The NodeZero® platform empowers your organization to reduce your security risks by autonomously finding exploitable weaknesses in your network, giving you detailed guidance around how to priortize and fix them, and having you immediately verify that your fixes are effective.
Recognized By
文章来源: https://horizon3.ai/attack-research/vulnerabilities/cve-2025-8356/
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh