Main Vulnerability Database Vulnerabilities #VU36551

Improper Authentication in Responsive FileManager - CVE-2018-18061

Published: October 10, 2018 / Updated: August 8, 2020

Vulnerability identifier: #VU36551

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2018-18061

CWE-ID: CWE-287

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Responsive FileManager

Software vendor:
TecRail

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files.

Remediation

Install update from vendor's website.

External links

https://seclists.org/bugtraq/2018/Oct/25

Improper Authentication in Responsive FileManager - CVE-2018-18061

Description

Remediation

External links

Please verify you're human