Unknown · Pingvin Share · CVE-2025-22137
**Name of the Vulnerable Software and Affected Versions**
Pingvin Share versions prior to 1.4.0
**Description**
This issue allows an authenticated or unauthenticated user to overwrite arbitrary files on the server, including sensitive system files, via HTTP POST requests.
**Recommendations**
For versions prior to 1.4.0, update to version 1.4.0 to resolve the issue. As a temporary workaround, consider restricting access to the server or disabling anonymous shares to minimize the risk of exploitation.