HTTP: Responsive File Manager ajax_calls.php get_file Directory Traversal
This signature detects attempts to exploit a known vulnerability against Responsive File Manager. A successful attack can lead to Path Traversal.
Extended Description
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php.
Affected Products
Tecrail responsive_filemanager
References
CVE: CVE-2018-20792
Short Name
HTTP:DIR:RESPONSIVE-FILE-MGR
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-20792 Directory File Manager Responsive Traversal ajax_calls.php get_file
Release Date
06/04/2019
Supported Platforms
mx-19.3
vmx-19.3
vsrx-19.2
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vmx-19.4
mx-19.4
srxevo-25.4
vsrx-26.2
srx-26.2
srx-branch-26.2
vsrx3bsd-26.2
mx-12.3
srx-12.3
srx-branch-12.3
vsrx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Tecrail
CVSS Score
5.0