CVE-2025-53899 Kiteworks MFT is vulnerable to an Incorrectly Specified Destination in a Communication Channel

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances t...

CVE-2025-53899 Kiteworks MFT is vulnerable to an Incorrectly Specified Destination in a Communication Channel

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances t...

CVE-2025-53899

CVE-2025-53899 affects Kiteworks MFT prior to version 9.1.0. The back-end suffers from an incorrectly specified destination in a communication channel, which could allow an attacker with administrative privileges to intercept upstream communication and potentially escalate privileges. The issue i...

EUVD-2025-199896

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances t...

EUVD-2025-199897

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has...

CVE-2025-53897 Kiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerability

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has...

CVE-2025-53897

CVE-2025-53897 affects Kiteworks MFT prior to 9.1.0. A crafted fake page could trick an administrator into visiting it, allowing an external attacker to access log information from the system. The issue is resolved in version 9.1.0. Affected product/version details and remediation are supported b...

CVE-2025-53897 Kiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerability

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has...

CVE-2025-53897 Kiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerability

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has...

CVE-2025-53896

CVE-2025-53896 affects Kiteworks MFT prior to version 9.1.0. A bug could allow a user’s active session to fail to time out after inactivity under certain conditions. Red Hat and other sources confirm the issue and its patch in version 9.1.0. Impact details are limited to session expiration misbeh...

CVE-2025-53896 Kiteworks MFT is vulnerable to Insufficient Session Expiration

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, a bug in Kiteworks MFT could cause under certain circumstances that a user's active session would not properly time out due to inactivity. This issue has been patched in version 9.1.0...

CVE-2025-53896 Kiteworks MFT is vulnerable to Insufficient Session Expiration

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, a bug in Kiteworks MFT could cause under certain circumstances that a user's active session would not properly time out due to inactivity. This issue has been patched in version 9.1.0...

CVE-2025-53896 Kiteworks MFT is vulnerable to Insufficient Session Expiration

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, a bug in Kiteworks MFT could cause under certain circumstances that a user's active session would not properly time out due to inactivity. This issue has been patched in version 9.1.0...

EUVD-2025-199898

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, a bug in Kiteworks MFT could cause under certain circumstances that a user's active session would not properly time out due to inactivity. This issue has been patched in version 9.1.0...

Kiteworks Mft 跨站请求伪造漏洞

Kiteworks Mft is a software for securely managing internal and external data transfers from Kiteworks, Inc. A cross-site request forgery vulnerability exists in Kiteworks Mft versions prior to 9.1.0, which stems from the possibility that an administrator could be tricked into visiting a specially...

Kiteworks Mft 安全漏洞

Kiteworks Mft is a software for securely managing internal and external data transfers from Kiteworks USA. A security vulnerability exists in Kiteworks MFT versions prior to 9.1.0, which stems from improperly defined communication channel targets and could result in elevated privileges...

PT-2025-48357

Name of the Vulnerable Software and Affected Versions Kiteworks MFT versions prior to 9.1.0 Description Kiteworks MFT orchestrates end-to-end file transfer workflows. A flaw exists where a user’s active session may not properly time out due to inactivity under certain circumstances. This issue wa...

Kiteworks 输入验证错误漏洞

Kiteworks is a secure private network data software from Kiteworks, Inc. An input validation error vulnerability exists in versions of Kiteworks prior to 9.1.0 that stems from improper input validation and could result in elevated privileges on shared folders...

PT-2025-48358

Name of the Vulnerable Software and Affected Versions Kiteworks MFT versions prior to 9.1.0 Description Kiteworks MFT orchestrates end-to-end file transfer workflows. Versions of the software prior to 9.1.0 contain a flaw that could allow an external attacker to access log information from the...

PT-2025-48361

Name of the Vulnerable Software and Affected Versions Kiteworks MFT versions prior to 9.1.0 Description Kiteworks MFT orchestrates end-to-end file transfer workflows. Versions of Kiteworks MFT before 9.1.0 have an issue where an incorrectly specified destination in a communication channel could...