PT-2025-47523 · Unknown · Filecodebox

Published 2025-11-19 · Updated 2025-11-21 · CVE-2025-51663

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: FileCodeBox versions up to 2.2

Description: A flaw exists in the IPRateLimit implementation of FileCodeBox. It allows remote attackers to circumvent IP-based rate limit protection and failed attempt restrictions by manipulating the X-Real-IP and X-Forwarded-For HTTP headers. Successful exploitation could enable attackers to conduct Denial-of-Service (DoS) attacks or brute-force share codes. The vulnerable component is the IPRateLimit function.

Recommendations: Versions prior to 2.2 should be updated.
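
One way to derive a rate-limit key that the X-Real-IP and X-Forwarded-For headers cannot change, shown as an added example (it is not FileCodeBox's code or its fix). The trusted proxy ranges, the names `client_ip`, `SlidingWindowLimiter` and `allowed_count`, and all addresses are assumptions constructed for illustration.

```python
import ipaddress
import time
from collections import defaultdict, deque

# Assumption: networks of reverse proxies the operator controls (constructed values).
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in ("127.0.0.1/32", "10.0.0.0/8")]

def _parse(addr):
    try:
        return ipaddress.ip_address(addr.strip())
    except ValueError:
        return None

def _is_trusted(ip):
    return ip is not None and any(ip in net for net in TRUSTED_PROXIES)

def client_ip(peer_addr, headers):
    """Pick the rate-limit key. The TCP peer cannot be forged by the client, so
    X-Forwarded-For is read only behind a trusted proxy; X-Real-IP is never read."""
    if not _is_trusted(_parse(peer_addr)):
        return peer_addr
    xff = {k.lower(): v for k, v in headers.items()}.get("x-forwarded-for", "")
    # Walk right to left: rightmost hops were appended by our own proxies.
    for hop in reversed([h for h in xff.split(",") if h.strip()]):
        ip = _parse(hop)
        if ip is None:
            return peer_addr  # malformed entry: fall back to the proxy address
        if not _is_trusted(ip):
            return str(ip)
    return peer_addr

class SlidingWindowLimiter:
    def __init__(self, limit, window_s):
        self.limit, self.window_s = limit, window_s
        self.hits = defaultdict(deque)
    def allow(self, key, now=None):
        now = time.monotonic() if now is None else now
        q = self.hits[key]
        while q and now - q[0] >= self.window_s:
            q.popleft()  # drop attempts that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

def allowed_count(requests, limit=3, window_s=60):  # requests: (peer_addr, headers) pairs
    limiter = SlidingWindowLimiter(limit, window_s)
    return sum(limiter.allow(client_ip(p, h), now=0.0) for p, h in requests)
```

With this keying, requests that vary their forwarding headers still land in one bucket per real peer, so failed-attempt counters keep accumulating.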

Exploit · Fix · DoS

Related Identifiers: CVE-2025-51663

Affected Products: Filecodebox