Fortra FileCatalyst Improper Access Control Vulnerability Allowing Unauthenticated File Upload

Vulnerability

A vulnerability in the Workflow component of Fortra's FileCatalyst has been identified, allowing improper access control that enables unauthenticated users to upload arbitrary files. This issue arises on the order forms page and affects FileCatalyst versions 5.1.6 through 5.2.0 Build 80, across Windows, MacOS, and Linux platforms.

Impact

Exploitation of this vulnerability could lead to unrestricted file upload, allowing potentially malicious files to be uploaded to the server.

Added: Aug 19, 2025, 7:02 PM

Updated: Aug 19, 2025, 7:02 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortra FileCatalyst Improper Access Control Vulnerability Allowing Unauthenticated File Upload

Vulnerability

Impact

Affected Products

Fortra FileCatalyst

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating