CVE-2025-5106 | Fujian Kelixun 1.0 Filename /app/fax/fax_view.php fax_file os command injection

A vulnerability was found in Fujian Kelixun 1.0. It has been classified as critical. This affects an unknown part of the file /app/fax/fax_view.php of the component Filename Handler. The manipulation of the argument fax_file leads to os command injection.

This vulnerability is uniquely identified as CVE-2025-5106. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5106 | Fujian Kelixun 1.0 Filename /app/fax/fax_view.php fax_file os command injection

Post correlati

CVE-2024-34205 | Totolink CP450 4.1.0cu.747_B20191224 download_firmware command injection

CVE-2024-12300 | AR Plugin up to 7.3 on WordPress unrestricted upload

CVE-2024-1759 | WP ULike Plugin up to 4.6.9 on WordPress cross site scripting

CVE-2024-39699 | Directus up to 10.9.2 server-side request forgery