282 matches found
EUVD-2026-9065
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch fo...
CVE-2026-28270 Kiteworks Core has an Unrestricted Upload of File with Dangerous Type
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch fo...
CVE-2026-28270 Kiteworks Core has an Unrestricted Upload of File with Dangerous Type
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch fo...
CVE-2026-28270 Kiteworks Core has an Unrestricted Upload of File with Dangerous Type
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch fo...
PT-2026-22395
Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.0 Description A flaw exists in the configuration functionality of Kiteworks, a private data network PDN, that allows bypassing of Server-Side Request Forgery SSRF protections through DNS rebinding attacks. A...
PT-2026-22396
Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.0 Description Kiteworks Email Protection Gateway contains a flaw that allows authenticated administrators to inject malicious scripts through a configuration interface. These scripts execute when users interact...
PT-2026-22394
Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.0 Description Kiteworks is a private data network. Prior to version 9.2.0, a configuration issue allows the upload of arbitrary files without proper validation. A malicious administrator could exploit this to...
Kiteworks 跨站脚本漏洞
Kiteworks is a security private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.2.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from defects in the configuration interface of Email Protection Gateway,...
Kiteworks 代码问题漏洞
Kiteworks is a security private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.2.0 contained code-related vulnerabilities. These vulnerabilities stemmed from defects in the configuration functionality, which could allow the upload o...
Kiteworks 代码问题漏洞
Kiteworks is a security private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.2.0 contained code vulnerabilities. These vulnerabilities stemmed from defects in the configuration functionality, which could allow attacks via DNS...
CVE-2026-28269
Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...
CVE-2026-28269
Kiteworks Core is affected by an OS command injection vulnerability in its command execution feature prior to version 9.2.0. Authenticated users could redirect command output to arbitrary file locations, potentially overwriting critical system files and gaining elevated access. The issue is addre...
CVE-2026-28269 Kiteworks Core has an OS Command Injection
Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...
CVE-2026-28269 Kiteworks Core has an OS Command Injection
Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...
CVE-2026-28269
Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...
CVE-2026-28269 Kiteworks Core has an OS Command Injection
Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...
EUVD-2026-8918
Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...
Kiteworks 操作系统命令注入漏洞
Kiteworks is a security private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.2.0 contained an operating system command injection vulnerability. This vulnerability stemmed from the command execution feature, which allowed...
PT-2026-22221
Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.0 Description Kiteworks, a private data network, contains a flaw in its command execution functionality. Authenticated users can redirect command output to arbitrary file locations, potentially overwriting...
CVE-2021-31585
Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access...