{"id":68200,"date":"2025-08-15T21:32:42","date_gmt":"2025-08-15T18:02:42","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-9060-msoft-mflash-remote-code-execution-vulnerability\/"},"modified":"2025-08-15T21:32:42","modified_gmt":"2025-08-15T18:02:42","slug":"cve-2025-9060-msoft-mflash-remote-code-execution-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-9060-msoft-mflash-remote-code-execution-vulnerability\/","title":{"rendered":"CVE-2025-9060 &#8211; MSoft MFlash Remote Code Execution Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-9060<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 15, 2025, 5:15 p.m. | 44\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>A vulnerability has been found in the \u00a0MSoft MFlash<\/p>\n<p> application that allows<br \/>\nexecution of arbitrary code on the server. The issue occurs in the<br \/>\nintegration configuration functionality that is only available to<br \/>\nMFlash<\/p>\n<p> administrators. The vulnerability is related to insufficient validation<br \/>\n of parameters when setting up security components.<\/p>\n<p>This issue affects MFlash v. 8.0 and possibly others. To mitigate apply\u00a08.2-653 hotfix 11.06.2025 and above.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 9.1 | CRITICAL<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-9060 Published : Aug. 15, 2025, 5:15 p.m. | 44\u00a0minutes ago Description : A vulnerability has been found in the \u00a0MSoft MFlash application that allows execution of arbitrary code on the server. The issue occurs in the integration configuration functionality that is only available to MFlash administrators. The vulnerability is related to &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-68200","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=68200"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68200\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=68200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=68200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=68200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}