CVE-2026-41193

FreeScout · FreeScout

FreeScout before 1.8.215 contains an arbitrary file write vulnerability in the module installation feature due to improper validation of ZIP archive file paths.

Executive summary

A vulnerability in FreeScout exploitable by an authenticated administrator allows arbitrary file writes on the server, posing a critical risk of remote code execution.

Vulnerability

The vulnerability exists in the module installation feature, which fails to validate file paths when extracting ZIP archives. An authenticated administrator can leverage this to write malicious files to arbitrary locations on the server filesystem.
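The defensive counterpart to the flaw described above is an extraction routine that validates every ZIP entry name before writing anything to disk. The following is an added example, not FreeScout's own code: it assumes a hypothetical module archive layout (`Example/Module.php`) and a hypothetical `Modules` directory, builds two constructed archives in memory (one benign, one carrying a `../../` entry), and shows the hostile one being rejected before any file is written.

```python
import io
import os
import tempfile
import zipfile


class UnsafeArchiveEntry(ValueError):
    """Raised when a ZIP entry would be written outside the destination."""


def resolve_entry(dest_dir: str, name: str) -> str:
    """Return the on-disk path for a ZIP entry, or raise if it escapes dest_dir.
    Absolute names, drive letters, backslashes and '..' segments are all
    rejected, and the resolved path is re-checked against the real root."""
    # ZIP names use '/', but a hostile archive may carry '\' hoping the
    # extractor treats it as a separator; normalise before inspecting.
    normalised = name.replace("\\", "/")
    if normalised.startswith("/") or (len(normalised) > 1 and normalised[1] == ":"):
        raise UnsafeArchiveEntry(f"absolute path in archive: {name!r}")
    parts = [p for p in normalised.split("/") if p not in ("", ".")]
    if ".." in parts:
        raise UnsafeArchiveEntry(f"parent-directory traversal in archive: {name!r}")
    root = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(root, *parts)) if parts else root
    # Belt and braces: after symlink resolution the target must still sit under root.
    if os.path.commonpath([root, target]) != root:
        raise UnsafeArchiveEntry(f"entry resolves outside destination: {name!r}")
    return target


def safe_extract(archive: bytes, dest_dir: str) -> list[str]:
    """Extract a ZIP held in memory into dest_dir, validating every entry first.
    All names are checked before any write, so one hostile entry aborts the
    whole installation instead of leaving a partially installed module."""
    written = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        plan = []
        for info in zf.infolist():
            # Symlink entries are refused: a link pointing outside dest_dir,
            # followed by a file written through it, is another escape route.
            if (info.external_attr >> 16) & 0o170000 == 0o120000:
                raise UnsafeArchiveEntry(f"symlink in archive: {info.filename!r}")
            plan.append((info, resolve_entry(dest_dir, info.filename)))
        for info, target in plan:
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target)
    return written


def build_archive(entries: dict[str, bytes]) -> bytes:
    """Build an in-memory ZIP from {name: content}; only used to construct
    the sample input for this example."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)  # name is stored verbatim, '..' included
    return buf.getvalue()


# Constructed sample input: a well-formed module and a hostile archive whose
# entry name tries to climb out of the (hypothetical) Modules directory.
BENIGN_MODULE = build_archive({"Example/Module.php": b"<?php // module code\n"})
HOSTILE_MODULE = build_archive({"../../public/shell.php": b"<?php // would land outside\n"})


def demo() -> tuple[int, str]:
    """Extract both samples into a scratch directory; return how many files the
    benign archive produced and the reason the hostile one was refused."""
    with tempfile.TemporaryDirectory() as tmp:
        modules_dir = os.path.join(tmp, "Modules")
        os.makedirs(modules_dir)
        count = len(safe_extract(BENIGN_MODULE, modules_dir))
        try:
            safe_extract(HOSTILE_MODULE, modules_dir)
            reason = "not rejected"
        except UnsafeArchiveEntry as exc:
            reason = str(exc)
        # Nothing may exist outside Modules/ afterwards.
        assert not os.path.exists(os.path.join(tmp, "public", "shell.php"))
    return count, reason


if __name__ == "__main__":
    print(demo())
```

The important design choice is that validation runs over the whole entry list before the first write, and that the check is done on the resolved real path rather than on the string alone, so an archive mixing benign and hostile entries leaves nothing behind.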

Business impact

With a CVSS score of 9.1, this vulnerability poses a severe threat to the underlying server infrastructure. An attacker with administrative access could achieve remote code execution, leading to full server compromise, persistent backdoors, and total loss of confidentiality, integrity, and availability.

Remediation

Immediate Action: Upgrade FreeScout to version 1.8.215 or later to resolve the archive extraction flaw.

Proactive Monitoring: Inspect the server's web directories and sensitive system paths for the presence of unauthorized or unexpected files created during module installation tasks.

Compensating Controls: Restrict administrative access to the module installation interface to trusted personnel only and ensure the web server service account has minimal filesystem write permissions.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability represents a significant security risk for self-hosted FreeScout instances. Administrators must prioritize the update to version 1.8.215 to prevent potential remote code execution via arbitrary file writes.