A vulnerability, which was classified as critical , has been found in efwGrp efw4.X up to 4.08.9 . The affected element is the function zipEntry.getName . The manipulation leads to command injection. This vulnerability is listed as CVE-2026-44257 . The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.