Krajowa Izba Rozliczeniowa SzafirHost Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in SzafirHost versions prior to 1.2.1. The issue arises because SzafirHost verifies the signature of downloaded JAR files using JarInputStream, which reads from the beginning of the file. However, it loads classes using JarFile and URLClassLoader, which read the Central Directory from the end of the file. This discrepancy allows an attacker to combine a legitimate, signed JAR file with a malicious ZIP file, bypassing signature verification and leading to the execution of malicious code.
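The mismatch described above is between two parsers of the same file: JarInputStream walks the local file headers from the start, while JarFile and URLClassLoader trust the Central Directory at the end. A defensive pre-load check therefore has to (a) confirm that both views of the archive agree and (b) verify signatures through the same parser the class loader will use. The following Java routine is an added example written for this page; it is not SzafirHost code. It assumes Java 17 or later (for HexFormat), and takes the SHA-256 fingerprints of the expected signing certificate(s) as a caller-supplied set named trustedSignerSha256 (an assumed parameter, lowercase hex).

```java
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.CodeSigner;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HexFormat;
import java.util.Set;
import java.util.TreeSet;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.util.jar.JarInputStream;

/** Hypothetical pre-load consistency and signature check (example code, not SzafirHost). */
public final class JarConsistencyCheck {

    /** Code entries as seen by a sequential parser (local headers, from the file start). */
    public static Set<String> entriesViaStream(File jar) throws IOException {
        Set<String> names = new TreeSet<>();
        try (JarInputStream jis = new JarInputStream(
                new BufferedInputStream(new FileInputStream(jar)), false)) {
            for (JarEntry e; (e = jis.getNextJarEntry()) != null; ) {
                if (!isBookkeeping(e.getName())) names.add(e.getName());
            }
        }
        return names;
    }

    /** Code entries as seen via the Central Directory (file end); this is what URLClassLoader uses. */
    public static Set<String> entriesViaCentralDirectory(File jar) throws IOException {
        Set<String> names = new TreeSet<>();
        try (JarFile jf = new JarFile(jar, false)) {
            for (Enumeration<JarEntry> en = jf.entries(); en.hasMoreElements(); ) {
                String n = en.nextElement().getName();
                if (!isBookkeeping(n)) names.add(n);
            }
        }
        return names;
    }

    /**
     * True only if both parsers agree on the set of code entries AND every code entry,
     * read through JarFile with verification enabled, is signed by a trusted certificate.
     */
    public static boolean safeToLoad(File jar, Set<String> trustedSignerSha256) throws IOException {
        if (!entriesViaStream(jar).equals(entriesViaCentralDirectory(jar))) {
            return false; // the two views disagree: an appended or overlaid archive
        }
        try (JarFile jf = new JarFile(jar, true)) {
            for (Enumeration<JarEntry> en = jf.entries(); en.hasMoreElements(); ) {
                JarEntry e = en.nextElement();
                if (isBookkeeping(e.getName())) continue;
                try (InputStream in = jf.getInputStream(e)) {
                    in.transferTo(OutputStream.nullOutputStream()); // entry digest is checked while reading
                } catch (SecurityException bad) {
                    return false; // digest does not match the signed manifest
                }
                CodeSigner[] signers = e.getCodeSigners(); // only populated after a full read
                if (signers == null || signers.length == 0) return false; // unsigned code entry
                boolean trusted = false;
                for (CodeSigner s : signers) {
                    Certificate leaf = s.getSignerCertPath().getCertificates().get(0);
                    if (trustedSignerSha256.contains(sha256Hex(leaf))) { trusted = true; break; }
                }
                if (!trusted) return false;
            }
        }
        return true;
    }

    /** Directories and META-INF bookkeeping (manifest, .SF/.RSA) carry no code and no signers. */
    private static boolean isBookkeeping(String name) {
        return name.endsWith("/") || name.startsWith("META-INF/");
    }

    private static String sha256Hex(Certificate c) {
        try {
            return HexFormat.of().formatHex(
                    MessageDigest.getInstance("SHA-256").digest(c.getEncoded()));
        } catch (NoSuchAlgorithmException | CertificateEncodingException ex) {
            throw new IllegalStateException(ex);
        }
    }

    public static void main(String[] args) throws IOException {
        // Usage: java JarConsistencyCheck <file.jar> <sha256-of-signer-cert> [<sha256> ...]
        File jar = new File(args[0]);
        Set<String> trusted = new TreeSet<>(Arrays.asList(args).subList(1, args.length));
        System.out.println(safeToLoad(jar, trusted) ? "OK to load" : "REJECT");
    }
}
```

The entry-set comparison is what catches the concatenation case: a stream parser stops at the first archive's Central Directory, so it never sees the appended entries that JarFile reports. Checking signers through JarFile rather than JarInputStream closes the gap even for archives crafted in other ways, because the verification then runs over exactly the bytes the class loader will execute. Pinning to a certificate fingerprint, rather than merely requiring "some" valid signature, is what stops an attacker from substituting their own signing key.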

Impact

Exploitation of this vulnerability allows for remote code execution on the server where SzafirHost is running.

Remediation

Users can upgrade to SzafirHost version 1.2.1 or later to address this vulnerability.

Added: May 15, 2026, 12:54 PM
Updated: May 15, 2026, 12:54 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 7.4
remediation: 0.0
relevance: 8.4
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.