Primary

Context

Kiteworks Core Unrestricted File Upload Vulnerability Prior to Version 9.2.0

Vulnerability

A vulnerability exists in Kiteworks Core versions prior to 9.2.0, allowing for the unrestricted upload of arbitrary files without proper validation. This issue could be exploited by malicious administrators to upload unauthorized file types to the system.

Impact

Exploitation of this vulnerability could lead to the upload of dangerous file types, potentially allowing for further exploitation of the system.

Remediation

Users are advised to upgrade Kiteworks to version 9.2.0 or later.

Added: Feb 27, 2026, 9:23 PM

Updated: Feb 27, 2026, 9:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.8

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.8

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Kiteworks Core Unrestricted File Upload Vulnerability Prior to Version 9.2.0

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating