CVE-2025-2244

Name of the Vulnerable Software and Affected Versions Bitdefender GravityZone Console (affected versions not specified)

Description A vulnerability exists in the sendMailFromRemoteSource method in Emails.php, which unsafely uses the php unserialize() function on user-supplied input without validation. This allows an attacker to craft a malicious serialized payload, triggering PHP object injection, performing a file write, and gaining arbitrary command execution on the host system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.