Primary

Context

Xerox FreeFlow Core Path Traversal Vulnerability Leading to Remote Code Execution

Vulnerability

Patched

A path traversal vulnerability has been identified in Xerox FreeFlow Core version 8.0.4. This vulnerability allows an attacker to access unauthorized files on the server, potentially leading to remote code execution by enabling the attacker to execute arbitrary commands on the system.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Remediation

Users are advised to upgrade to Xerox FreeFlow Core version 8.0.5, available through the Xerox support website.

Added: Aug 8, 2025, 4:17 PM

Updated: Aug 8, 2025, 4:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

7.0

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

7.0

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Xerox FreeFlow Core Path Traversal Vulnerability Leading to Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

Xerox FreeFlow Core

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating