CVE-2026-44257 | efwGrp efw4.X up to 4.08.9 zipEntry.getName command injection

A vulnerability, which was classified as critical, has been found in efwGrp efw4.X up to 4.08.9. The affected element is the function zipEntry.getName. The manipulation leads to command injection.

This vulnerability is listed as CVE-2026-44257. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More