Lucene search
PRIOn knowledge basePRION:CVE-2022-46604HistoryFeb 02, 2023 - 1:15 p.m.
Design/Logic Flaw
2023-02-0213:15:00
PRIOn knowledge base
www.prio-n.com
5
tecrail
filemanager
file extension check
php
arbitrary code execution
security vulnerability
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| responsive_filemanager | le | 9.9.5 |
References
packetstormsecurity.com/files/171720/Responsive-FileManager-9.9.5-Remote-Shell-Upload.html
github.com/trippo/ResponsiveFilemanager/blob/v9.9.5/filemanager/execute.php
github.com/trippo/ResponsiveFilemanager/blob/v9.9.6/changelog.txt
medium.com/@_sadshade/file-extention-bypass-in-responsive-filemanager-9-5-5-leading-to-rce-authenticated-3290eddc54e7
Related
osv
osv
CVE-2022-46604
2023-02-02 13:15:09
packetstorm
packetstorm
Responsive FileManager 9.9.5 Remote Shell Upload
2023-04-06 00:00:00
nvd
nvd
CVE-2022-46604
2023-02-02 13:15:09
cve
cve
CVE-2022-46604
2023-02-02 13:15:09
zdt
zdt
Responsive FileManager 9.9.5 - Remote Code Execution Exploit
2023-04-05 00:00:00
cvelist
cvelist
CVE-2022-46604
2023-02-02 00:00:00
githubexploit
githubexploit
exploitdb
exploitdb
Responsive FileManager 9.9.5 - Remote Code Execution (RCE)
2023-04-05 00:00:00