CVE-2020-10212

Name of the Vulnerable Software and Affected Versions Responsive FileManager versions 9.13.4 through 9.14.0

Description The issue allows for Server-Side Request Forgery (SSRF) via the url parameter in the upload.php file. This is due to mishandled file-extension blocking and the possibility of a DNS hostname resolving to an internal IP address. For example, adding a .ico filename to the PATH INFO can lead to a successful SSRF attempt. An attacker could also create a DNS hostname that resolves to the 0.0.0.0 IP address for DNS pinning.

Recommendations For Responsive FileManager versions 9.13.4 through 9.14.0, consider disabling the upload.php file or restricting access to it until a proper fix is applied. Avoid using the url parameter in the upload.php file to minimize the risk of exploitation. As a temporary workaround, restrict the handling of file extensions and DNS hostnames to prevent SSRF attempts.