Fortra Filecatalyst
4 CVEs affecting Fortra Filecatalyst. Latest disclosed: 2025-08-19. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-25153 | Critical | 9.8 | 2024-03-13 | A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ director… |
CVE-2025-8450 | High | 8.2 | 2025-08-19 | Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows unauthenticated users to upload arbitrary files via the order forms pag… |
CVE-2024-25155 | High | 7.2 | 2024-03-13 | In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server does not properly sanitize illegal characters in a URL which is then displayed on a subs… |
CVE-2024-25154 | Medium | 5.3 | 2024-03-13 | Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files lo… |