- Description
- The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
- Source
- twcert@cert.org.tw
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- twcert@cert.org.tw
- CWE-434
- Hype score
- Not currently trending
CVE-2025-4561 (CVSS:8.7, HIGH) is Awaiting Analysis. The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to up..https://t.co/3Vx5FwQmWU #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
17 May 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4561 The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to upload and execute web shell backdoors, thereby en… https://t.co/puc1MM8IUw
@CVEnew
12 May 2025
532 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-4561: HIGH] Arbitrary File Upload vulnerability in KFOX system by KingFor enables attackers to upload web shell backdoors, leading to arbitrary code execution on the server. #CyberSecurity#cve,CVE-2025-4561,#cybersecurity https://t.co/s6HrErm8AV https://t.co/WOWigoDsav
@CveFindCom
12 May 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes