CVE-2025-9060

Name of the Vulnerable Software and Affected Versions: MSoft MFlash version 8.0

Description: A vulnerability has been found in MSoft MFlash that allows execution of arbitrary code on the server. The issue occurs in the integration configuration functionality, which is only available to administrators. The vulnerability is related to insufficient validation of parameters when setting up security components.

Recommendations: Apply MSoft MFlash 8.2-653 hotfix 11.06.2025 and above.