CVE-2020-10212

2020-03-0700:15:13

Google

osv.dev

6.7 Medium

AI Score

Confidence

Low

0.962 High

EPSS

Percentile

99.5%

JSON

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the PATH_INFO. Also, an attacker could create a DNS hostname that resolves to the 0.0.0.0 IP address for DNS pinning. NOTE: this issue exists because of an incomplete fix for CVE-2018-14728.

CPENameOperatorVersion
responsivefilemanagereq9.12.2
responsivefilemanagereq9.13.3
responsivefilemanagereq9.10.0
responsivefilemanagereq9.9
responsivefilemanagereq9.13.4
responsivefilemanagereq9.9.4
responsivefilemanagereq9.10.1
responsivefilemanagereq9.9.5
responsivefilemanagereq9.11.3
responsivefilemanagereq9.9.1

Name	Operator	Version
responsivefilemanager	eq	9.12.2
responsivefilemanager	eq	9.13.3
responsivefilemanager	eq	9.10.0
responsivefilemanager	eq	9.9
responsivefilemanager	eq	9.13.4
responsivefilemanager	eq	9.9.4
responsivefilemanager	eq	9.10.1
responsivefilemanager	eq	9.9.5
responsivefilemanager	eq	9.11.3
responsivefilemanager	eq	9.9.1