CVE-2026-28269

Medium CVSS: 5.9

Kiteworks is a private data network (PDN). Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access. Version 9.2.0 contains a patch.

Vendor

Accellion

Product

Kiteworks

CWE

CWE-78

Yayın Tarihi

2026-02-26 23:16:36

Güncelleme

2026-03-03 19:53:18

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-78 Kiteworks MEDIUM Accellion 2026

Referanslar

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-6j64-6fpp-9453

Benzer Kayıtlar

Medium

CVE-2026-29092

Kiteworks is a private data network (PDN). Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway…

Medium

CVE-2026-23635

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of…

Medium

CVE-2026-23636

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, the manager of a form…

High

CVE-2026-24750

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attac…

High

CVE-2026-23514

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerabili…

Medium

CVE-2026-28270

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows upl…