PT-2025-22657 · Unknown · Fujian Kelixun

Wanglun · Published 2025-05-23 · Updated 2025-05-23 · CVE-2025-5106

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Fujian Kelixun version 1.0

Description

A critical issue has been found in the Filename Handler component, specifically affecting the /app/fax/fax view.php file. Manipulation of the fax file argument leads to OS command injection, and the attack can be carried out remotely. The exploit has been publicly disclosed. The vendor was contacted but did not respond.

Recommendations

For Fujian Kelixun version 1.0, as a temporary workaround, consider restricting access to the vulnerable fax view.php file until a patch is available. Additionally, avoid using the fax file argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2025-5106

Affected Products

Fujian Kelixun