CVE-2026-25134

Summary

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5, the MaintenanceController exposes an action zipLanguage which takes a lang parameter and passes it directly to a system zip command via exec(). This can be combined with uploading a crafted zip file to achieve remote code execution. This vulnerability is fixed in 6.8.150, 25.0.82, and 26.0.5.

Affected Software

VendorProductVersion RangeStatus
Intermeshgroupoffice< 6.8.150affected
Intermeshgroupoffice>= 25.0.0, < 25.0.82affected
Intermeshgroupoffice>= 26.0.0, < 26.0.5affected

Weaknesses

  • CWE-88: CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References