Vulnerability identifier: #VU36104
Vulnerability risk: Medium
Exploitation vector: Network
Exploit availability: No
The vulnerability allows a remote non-authenticated attacker to manipulate data.
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths path traversal mitigation bypass through the delete_folder action in execute.php.
Install update from vendor's website.
Vulnerable software versions
Responsive FileManager: 9.13.4
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?