Bugtraq mailing list archives
Responsive Filemanager 9.8.1 Authentication Bypass
From: yavuz atlas <yavatlas () gmail com>
Date: Tue, 9 Oct 2018 14:05:08 +0300
I. VULNERABILITY ------------------------- Responsive Filemanager 9.8.1 Authentication Bypass II. CVE REFERENCE ------------------------- CVE-2018-18061 III. VENDOR ------------------------- https://www.responsivefilemanager.com IV. REFERENCES ------------------------- https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-18061 V. CREDIT ------------------------- Yavuz Atlas of Biznet Bilisim http://www.biznet.com.tr/biznet-guvenlik-duyurulari VI. DESCRIPTION ------------------------- Responsive Filemanager version 9.8.1 allows remote attackers to bypass authentication. The vulnerability allows attackers to access file management interface which gives permission to updload, edit and delete files. VII. PROOF OF CONCEPT ------------------------- http://localhost/filemanager/dialog.php is forbidden. But any value with secretkey parameter bypass this restriction. http://localhost/filemanager/dialog.php?secretkey=anything
Current thread:
- Responsive Filemanager 9.8.1 Authentication Bypass yavuz atlas (Oct 09)