Primary

Context

Kiteworks Command Execution Vulnerability Allowing Arbitrary File Overwrite and Elevated Access

Vulnerability

A command execution vulnerability has been identified in Kiteworks Core versions prior to 9.2.0. This vulnerability allows authenticated users to redirect command output to arbitrary file locations, potentially overwriting critical system files and leading to elevated access. The issue has been patched in version 9.2.0.

Impact

Exploitation of this vulnerability could overwrite important system files, potentially leading to unauthorized access or privileges.

Remediation

Users are advised to upgrade Kiteworks to version 9.2.0 or later.

Added: Feb 26, 2026, 11:23 PM

Updated: Feb 26, 2026, 11:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Kiteworks Command Execution Vulnerability Allowing Arbitrary File Overwrite and Elevated Access

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating