CVE-2017-20145

A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 9.11.0 is able to address this issue. It is recommended to upgrade the affected component.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
VulDBCNA
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
tecrailresponsive_filemanager
𝑥
≤ 9.11.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
tecrailresponsive_filemanger
9.0
CNA
tecrailresponsive_filemanger
9.1
CNA
tecrailresponsive_filemanger
9.2
CNA
tecrailresponsive_filemanger
9.3
CNA
tecrailresponsive_filemanger
9.4
CNA
tecrailresponsive_filemanger
9.5
CNA
tecrailresponsive_filemanger
9.6
CNA
tecrailresponsive_filemanger
9.7
CNA
tecrailresponsive_filemanger
9.8
CNA
tecrailresponsive_filemanger
9.9
CNA
tecrailresponsive_filemanger
9.10
CNA
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2017/Feb/19
https://vuldb.com/?id.96818
http://seclists.org/fulldisclosure/2017/Feb/19
https://vuldb.com/?id.96818