Search criteria
11 vulnerabilities found for FileZen by Soliton Systems K.K.
CVE-2021-20655 (GCVE-0-2021-20655)
Vulnerability from cvelistv5 – Published: 2021-02-17 02:05 – Updated: 2024-08-03 17:45
VLAI?
Summary
FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:45.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2021/004334.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN58774946/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-17T02:05:30",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2021/004334.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN58774946/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.soliton.co.jp/support/2021/004334.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2021/004334.html"
},
{
"name": "https://jvn.jp/en/jp/JVN58774946/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN58774946/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2021-20655",
"datePublished": "2021-02-17T02:05:30",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:45:45.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5639 (GCVE-0-2020-5639)
Vulnerability from cvelistv5 – Published: 2020-12-14 02:25 – Updated: 2024-08-04 08:39
VLAI?
Summary
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed.
Severity ?
No CVSS data available.
CWE
- Directory traversal
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
versions from V3.0.0 to V4.2.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2020/004278.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN12884935/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/jp/JVN12884935/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "versions from V3.0.0 to V4.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-14T02:25:53",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2020/004278.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN12884935/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/jp/JVN12884935/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "versions from V3.0.0 to V4.2.2"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.soliton.co.jp/support/2020/004278.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2020/004278.html"
},
{
"name": "https://jvn.jp/en/jp/JVN12884935/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN12884935/index.html"
},
{
"name": "https://jvn.jp/jp/JVN12884935/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/jp/JVN12884935/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5639",
"datePublished": "2020-12-14T02:25:53",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0693 (GCVE-0-2018-0693)
Vulnerability from cvelistv5 – Published: 2018-11-15 15:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Directory traversal
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
V3.0.0 to V4.2.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V3.0.0 to V4.2.1"
}
]
}
],
"datePublic": "2018-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-16T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "V3.0.0 to V4.2.1"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#95355683",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"name": "https://www.soliton.co.jp/support/2018/003328.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0693",
"datePublished": "2018-11-15T15:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-08-05T03:35:48.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0694 (GCVE-0-2018-0694)
Vulnerability from cvelistv5 – Published: 2018-11-15 15:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
V3.0.0 to V4.2.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V3.0.0 to V4.2.1"
}
]
}
],
"datePublic": "2018-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-15T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "V3.0.0 to V4.2.1"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#95355683",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"name": "https://www.soliton.co.jp/support/2018/003328.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0694",
"datePublished": "2018-11-15T15:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-08-05T03:35:49.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20655 (GCVE-0-2021-20655)
Vulnerability from nvd – Published: 2021-02-17 02:05 – Updated: 2024-08-03 17:45
VLAI?
Summary
FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:45.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2021/004334.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN58774946/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-17T02:05:30",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2021/004334.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN58774946/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.soliton.co.jp/support/2021/004334.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2021/004334.html"
},
{
"name": "https://jvn.jp/en/jp/JVN58774946/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN58774946/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2021-20655",
"datePublished": "2021-02-17T02:05:30",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:45:45.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5639 (GCVE-0-2020-5639)
Vulnerability from nvd – Published: 2020-12-14 02:25 – Updated: 2024-08-04 08:39
VLAI?
Summary
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed.
Severity ?
No CVSS data available.
CWE
- Directory traversal
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
versions from V3.0.0 to V4.2.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2020/004278.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN12884935/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/jp/JVN12884935/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "versions from V3.0.0 to V4.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-14T02:25:53",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2020/004278.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN12884935/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/jp/JVN12884935/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "versions from V3.0.0 to V4.2.2"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.soliton.co.jp/support/2020/004278.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2020/004278.html"
},
{
"name": "https://jvn.jp/en/jp/JVN12884935/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN12884935/index.html"
},
{
"name": "https://jvn.jp/jp/JVN12884935/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/jp/JVN12884935/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5639",
"datePublished": "2020-12-14T02:25:53",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0693 (GCVE-0-2018-0693)
Vulnerability from nvd – Published: 2018-11-15 15:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Directory traversal
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
V3.0.0 to V4.2.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V3.0.0 to V4.2.1"
}
]
}
],
"datePublic": "2018-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-16T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "V3.0.0 to V4.2.1"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#95355683",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"name": "https://www.soliton.co.jp/support/2018/003328.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0693",
"datePublished": "2018-11-15T15:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-08-05T03:35:48.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0694 (GCVE-0-2018-0694)
Vulnerability from nvd – Published: 2018-11-15 15:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
V3.0.0 to V4.2.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V3.0.0 to V4.2.1"
}
]
}
],
"datePublic": "2018-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-15T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#95355683",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FileZen",
"version": {
"version_data": [
{
"version_value": "V3.0.0 to V4.2.1"
}
]
}
}
]
},
"vendor_name": "Soliton Systems K.K."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#95355683",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95355683/index.html"
},
{
"name": "https://www.soliton.co.jp/support/2018/003328.html",
"refsource": "MISC",
"url": "https://www.soliton.co.jp/support/2018/003328.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0694",
"datePublished": "2018-11-15T15:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-08-05T03:35:49.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2021-000015
Vulnerability from jvndb - Published: 2021-02-16 15:07 - Updated:2021-03-05 17:31
Severity ?
Summary
FileZen vulnerable to OS command injection
Details
FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface.
FileZen contains an OS command injection vulnerability (CWE-78).
Soliton Systems K.K. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Soliton Systems K.K. coordinated under the Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
|
|
||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000015.html",
"dc:date": "2021-03-05T17:31+09:00",
"dcterms:issued": "2021-02-16T15:07+09:00",
"dcterms:modified": "2021-03-05T17:31+09:00",
"description": "FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface.\r\nFileZen contains an OS command injection vulnerability (CWE-78).\r\n\r\nSoliton Systems K.K. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Soliton Systems K.K. coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000015.html",
"sec:cpe": {
"#text": "cpe:/a:soliton:filezen",
"@product": "FileZen",
"@vendor": "Soliton Systems K.K.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "9.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"@version": "2.0"
},
{
"@score": "9.1",
"@severity": "Critical",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-000015",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN58774946/index.html",
"@id": "JVN#58774946",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20655",
"@id": "CVE-2021-20655",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-20655",
"@id": "CVE-2021-20655",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/security/ciadr/vul/20210216-jvn.html",
"@id": "Regarding OS Command Injection vulnerability in FileZen (JVN#58774946)",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.jpcert.or.jp/english/at/2021/at210009.html",
"@id": "Alert Regarding Vulnerability (CVE-2021-20655) in FileZen",
"@source": "JPCERT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "FileZen vulnerable to OS command injection"
}
JVNDB-2020-000082
Vulnerability from jvndb - Published: 2020-12-10 15:21 - Updated:2020-12-10 15:21
Severity ?
Summary
FileZen vulnerable to directory traversal
Details
FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface.
FileZen contains a directory traversal vulnerability (CWE-22).
Soliton Systems K.K. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Soliton Systems K.K. coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000082.html",
"dc:date": "2020-12-10T15:21+09:00",
"dcterms:issued": "2020-12-10T15:21+09:00",
"dcterms:modified": "2020-12-10T15:21+09:00",
"description": "FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface.\r\nFileZen contains a directory traversal vulnerability (CWE-22).\r\n\r\nSoliton Systems K.K. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Soliton Systems K.K. coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000082.html",
"sec:cpe": {
"#text": "cpe:/a:soliton:filezen",
"@product": "FileZen",
"@vendor": "Soliton Systems K.K.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2020-000082",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN12884935/index.html",
"@id": "JVN#12884935",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5639",
"@id": "CVE-2020-5639",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5639",
"@id": "CVE-2020-5639",
"@source": "NVD"
},
{
"#text": "https://www.jpcert.or.jp/english/at/2020/at200044.html",
"@id": "Alert Regarding File Data Transfer Appliance FileZen",
"@source": "JPCERT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-22",
"@title": "Path Traversal(CWE-22)"
}
],
"title": "FileZen vulnerable to directory traversal"
}
JVNDB-2018-000104
Vulnerability from jvndb - Published: 2018-10-15 15:26 - Updated:2019-07-26 17:00
Severity ?
Summary
Multiple vulnerabilities in FileZen
Details
FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface.
FileZen contains multiple vulnerabilities listed below.
* Directory traversal (CWE-22) - CVE-2018-0693
* OS command injection (CWE-78) - CVE-2018-0694
Soliton Systems K.K. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Soliton Systems K.K. coordinated under the Information Security Early Warning Partnership.
References
| Type | URL | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000104.html",
"dc:date": "2019-07-26T17:00+09:00",
"dcterms:issued": "2018-10-15T15:26+09:00",
"dcterms:modified": "2019-07-26T17:00+09:00",
"description": "FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface.\r\nFileZen contains multiple vulnerabilities listed below.\r\n\r\n* Directory traversal (CWE-22) - CVE-2018-0693\r\n* OS command injection (CWE-78) - CVE-2018-0694\r\n\r\nSoliton Systems K.K. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Soliton Systems K.K. coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000104.html",
"sec:cpe": {
"#text": "cpe:/a:soliton:filezen",
"@product": "FileZen",
"@vendor": "Soliton Systems K.K.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "10.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
{
"@score": "10.0",
"@severity": "Critical",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000104",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN95355683/index.html",
"@id": "JVN#95355683",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0693",
"@id": "CVE-2018-0693",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0694",
"@id": "CVE-2018-0694",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0693",
"@id": "CVE-2018-0693",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0694",
"@id": "CVE-2018-0694",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/security/ciadr/vul/20181015-jvn.html",
"@id": "Security Alert for Vulnerabilities in FileZen",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-22",
"@title": "Path Traversal(CWE-22)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "Multiple vulnerabilities in FileZen"
}