A high-severity vulnerability has been discovered in multiple products from the vendor Dosage. This flaw could allow a remote attacker to execute arbitrary code on a system running the affected software, leading to a full system compromise. Successful exploitation could result in data theft, installation of malicious software, or further network intrusion.

The vulnerability exists in the way the Dosage application processes comic strip data from online sources. An attacker can craft a malicious comic strip definition or compromise a legitimate comic website to include specially crafted data. When the Dosage application attempts to download or archive this malicious content, it improperly sanitizes input, leading to a command injection flaw that allows the attacker to execute arbitrary commands with the privileges of the user running the application.

This vulnerability is rated as High severity with a CVSS score of 8.8. A successful exploit could lead to a complete compromise of the workstation or server where the Dosage software is installed. The potential business impact includes the theft of sensitive data residing on the compromised system, deployment of ransomware leading to operational disruption, and the use of the compromised system as a pivot point to attack other assets within the corporate network. This poses a significant risk of data breach, financial loss, and reputational damage.

Immediate Action: Apply vendor security updates immediately across all systems running the affected Dosage software. After patching, monitor systems for any signs of post-compromise activity and review historical access and application logs for indicators of exploitation that may have occurred prior to remediation.

Proactive Monitoring: Monitor for unusual outbound network traffic originating from the Dosage application process. Scrutinize process execution logs for unexpected child processes being spawned by Dosage (e.g., cmd.exe, powershell.exe, /bin/sh). An increase in file write operations outside of the application's designated archive directory should also be investigated.

Compensating Controls: If immediate patching is not feasible, consider implementing the following controls:

• Run the Dosage application in a sandboxed or containerized environment to limit its access to the underlying operating system and network.
• Implement strict egress filtering to block unexpected outbound connections from the host system, which could prevent a successful exploit from establishing a command-and-control channel.
• Use application whitelisting solutions to prevent the Dosage process from executing unauthorized commands or binaries.

Public Exploit Available: false

Given the high severity (CVSS 8.8) of this vulnerability, we recommend that organizations treat this as a critical priority. Although CVE-2025-64184 is not currently listed on the CISA KEV catalog, the risk of remote code execution warrants immediate action. All affected Dosage products must be patched without delay. Do not wait for evidence of active exploitation, as the first indication of an attack may be a full system compromise.