I. VULNERABILITY ------------------------- Responsive Filemanager 9.8.1 Authentication Bypass II. CVE REFERENCE ------------------------- CVE-2018-18061 III. VENDOR ------------------------- https://www.responsivefilemanager.com IV. REFERENCES ------------------------- https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-18061 V. CREDIT ------------------------- Yavuz Atlas of Biznet Bilisim http://www.biznet.com.tr/biznet-guvenlik-duyurulari VI. DESCRIPTION ------------------------- Responsive Filemanager version 9.8.1 allows remote attackers to bypass authentication. The vulnerability allows attackers to access file management interface which gives permission to updload, edit and delete files. VII. PROOF OF CONCEPT ------------------------- http://localhost/filemanager/dialog.php is forbidden. But any value with secretkey parameter bypass this restriction. http://localhost/filemanager/dialog.php?secretkey=anything
