CVE-2026-33071
MEDIUM
4,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none
Description
AI Translation Available
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In non-default deployments lacking Apache's LocationMatch protection, this leads to remote code execution. When files are uploaded via WebDAV, the createFile() method in FileRiseDirectory.php and the put() method in FileRiseFile.php accept the filename directly from the WebDAV client without any validation. In contrast, the regular upload endpoint in UploadModel::upload() validates filenames against REGEX_FILE_NAME. This issue is fixed in version 3.8.0.
434
Unrestricted Upload of File with Dangerous Type
DraftCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Applicable Platforms
Languages:
ASP.NET, Not Language-Specific, PHP
Technologies:
Web Server
552
Files or Directories Accessible to External Parties
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Potential Impacts:
Read Files Or Directories
Modify Files Or Directories
Applicable Platforms
Technologies:
Cloud Computing, Not Technology-Specific
https://github.com/error311/FileRise/releases/tag/v3.8.0
https://github.com/error311/FileRise/security/advisories/GHSA-46gv-gf5f-wvr2