Unrestricted File Upload in FileCatalyst

FI-2025-010 - Unrestricted File Upload in FileCatalyst

Severity
High
Published Date
19-Aug-2025
Updated Date
19-Aug-2025
Vulnerabilities
CVE-2025-8450
Notes
Description

An improper access control issue in the Workflow component of Fortra's FileCatalyst allows unauthenticated users to upload arbitrary files via the order forms page.

Vulnerabilities

Unrestricted File Upload in FileCatalyst
Severity
High
CVE
CVE-2025-8450
CWE
CWE-434: Unrestricted Upload of File with Dangerous Type; CWE-306: Missing Authentication for Critical Function
Discovery Date
17-Nov-2023
CVSSv3.1
8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)
Affected Products
5.1.6 through 5.2.0
Vulnerability Notes
Remediation: Vendor Fix

Upgrade to FileCatalyst version 5.2.0 build 130