Threat Encyclopedia

Filebrowser.HTTP.Header.Handling.CSRF

description-logoDescription

This indicates an attack attempt to exploit a Cross-Site Request Forgery Vulnerability in Filebrowser.
A remote attacker can exploit these vulnerabilities by enticing a target user into clicking a malicious link or visiting a crafted web page. Successful exploitation results in the target user taking actions on behalf of the attacker to create users. Successfully exploiting this vulnerability could result in remote code execution in the context of the target system.

affected-products-logoAffected Products

Filebrowser before 2.18.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://filebrowser.org/

CVE References

CVE-2021-46398

Other References

EXP-2022-0028

Telemetry logoTelemetry