Main Vulnerability Database Vulnerabilities #VU36551

#VU36551 Improper Authentication in Responsive FileManager - CVE-2018-18061

Published: October 10, 2018 / Updated: August 8, 2020

Vulnerability identifier: #VU36551

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2018-18061

CWE-ID: CWE-287

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Responsive FileManager

Software vendor:
TecRail

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files.

Remediation

Install update from vendor's website.

External links

https://seclists.org/bugtraq/2018/Oct/25

#VU36551 Improper Authentication in Responsive FileManager - CVE-2018-18061

Description

Remediation

External links

Please verify you're human