Primary

Context

FNT Command Code Execution Vulnerability in C Base Module

Vulnerability

A code execution vulnerability has been identified in FNT Command version 13.4.0, through the C Base Module. This issue allows authenticated users to upload malicious files that are not properly validated, which can then be executed on the server with the application's privileges.

Impact

Exploitation of this vulnerability allows for arbitrary file uploads that can be executed as operating system commands, leading to remote code execution on the FNT Command server. This could result in a full compromise of the affected instance, including unauthorized access to data, potential modification of that data, or further lateral movement within the server environment, depending on the privileges held.

Remediation

Users can upgrade to FNT Command version 13.4.1 or later, where this vulnerability has been fixed.

Added: Dec 15, 2025, 4:27 PM

Updated: Dec 15, 2025, 6:38 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FNT Command Code Execution Vulnerability in C Base Module

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating