CVE-2025-52900 in filebrowserИнформация

Сводка

по MITRE • 26.06.2025

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the database used by File Browser. On standard servers using File Browser prior to version 2.33.7 where the umask configuration has not been hardened before, this makes all the stated files readable by any operating system account. Version 2.33.7 fixes the issue.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Ответственный

GitHub M

Резервировать

20.06.2025

Раскрытие

26.06.2025

Модерация

принято

Вход

VDB-314001

EPSS

0.00190

KEV

Нет

Деятельности

Очень низкий

Источники

Want to stay up to date on a daily basis?

Enable the mail alert feature now!