26 April 2021

Hackers target corporate and government networks via flaws in Soliton FileZen file-sharing servers



Malicious actors are targeting companies and government organizations using two vulnerabilities in the popular file-sharing server Soliton FileZen to steal sensitive data.

The two flaws in question are CVE-2020-5639 and CVE-2021-20655. The first bug is a path traversal issue that allows a remote attacker to conduct directory traversal attacks via a specially crafted HTTP request. The second flaw is an OS command injection issue that allows a remote user to execute arbitrary shell commands on the target system.

Both bugs have been used as part of a widespread hacking campaign, with the Japanese Prime Minister’s Cabinet Office being one of the targets. The breach occurred in January this year, when hackers gained unauthorized access to the agency’s FileZen servers and stole confidential personal information of 231 people (name, affiliation, contact information, etc.).

Soliton addressed both flaws in FileZen solutions with the release of firmware versions V4.2.8 and V5.0.3. The company has advised its customers to change all admin account passwords and reset access-control lists.
