ResponsiveFileManager-CVE-2022-46604

Responsive FileManager v.9.9.5 vulnerable to CVE-2022-46604 (File Creation Extension Bypass which leads to RCE).

The current exploit is made in Python 3 and exploits the vulnerability to upload a webshell which allows the remote execution of commands in the vulnerable host.

References

Exploit Database (Exploit-DB): https://www.exploit-db.com/exploits/51251
Packet Storm Security: https://packetstormsecurity.com/files/171720/Responsive-FileManager-9.9.5-Remote-Shell-Upload.html

Name	Name	Last commit message	Last commit date
Latest commit galoget Update README.md to include Exploit-DB and PacketStorm links Apr 9, 2023 63bf68e · Apr 9, 2023 History 4 Commits
.gitignore	.gitignore	Initial commit	Feb 3, 2023
CVE-2022-46604-exploit-PoC.png	CVE-2022-46604-exploit-PoC.png	Upload exploit, requirements.txt, Dockerfile, PoC PNG, RFM 9.9.5 ZIP	Feb 3, 2023
CVE-2022-46604-exploit.py	CVE-2022-46604-exploit.py	Update comments.	Apr 9, 2023
Dockerfile	Dockerfile	Upload exploit, requirements.txt, Dockerfile, PoC PNG, RFM 9.9.5 ZIP	Feb 3, 2023
LICENSE	LICENSE	Initial commit	Feb 3, 2023
README.md	README.md	Update README.md to include Exploit-DB and PacketStorm links	Apr 9, 2023
requirements.txt	requirements.txt	Upload exploit, requirements.txt, Dockerfile, PoC PNG, RFM 9.9.5 ZIP	Feb 3, 2023
responsive_filemanager_v9.9.5.zip	responsive_filemanager_v9.9.5.zip	Upload exploit, requirements.txt, Dockerfile, PoC PNG, RFM 9.9.5 ZIP	Feb 3, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

ResponsiveFileManager-CVE-2022-46604

References

Demo

About

Languages

License

galoget/ResponsiveFileManager-CVE-2022-46604

Folders and files

Latest commit

History

Repository files navigation

ResponsiveFileManager-CVE-2022-46604

References

Demo

About

Topics

Resources

License

Stars

Watchers

Forks

Languages