CVE-2024-25153 CRITICAL

CVE-2024-25153: Remote Code Execution in FileCatalyst Workflow 5.x prior to 5.1.6 Build 114

Vendor: Fortra
Product: FileCatalyst
Weakness: CWE-472
Published: March 13, 2024
Last update: September 19, 2025

CVSS base score

9.8/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Confidentiality: High
Integrity: High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to the web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.

Key dates

02 Disclosure timeline

March 13, 2024: CVE published
September 19, 2025: Record updated