Authentication Bypass in Responsive FileManager by Tecrail
CVE-2018-18061

7.5HIGH

Key Information:

Vendor: Tecrail
Status: Responsive Filemanager
Vendor: CVE Published:; 10 October 2018

What is CVE-2018-18061?

A vulnerability in the dialog.php file of Tecrail's Responsive FileManager version 9.8.1 has been identified, allowing attackers to exploit the authentication mechanism. This flaw enables unauthorized users to access the file manager interface, granting them capabilities to upload, modify, and delete files without appropriate permissions. Proper security measures should be implemented to mitigate the risks associated with this vulnerability.

References

https://seclists.org/bugtraq/2018/Oct/25

mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2018
Vulnerability Reserved
Oct 8, 2018

CVE-2018-18061 Data

JSON