Exploitation Summary
EIP tracks 3 public exploits for CVE-2021-40964. PoCs published by Z3R0space, Z3R0-0x30.
AI-analyzed exploit summary This repository contains a functional Bash script that exploits CVE-2021-40964, an authenticated RCE vulnerability in Tiny File Manager <= 2.4.6. The exploit leverages weak upload validation and webroot disclosure to upload a malicious PHP shell, enabling remote command execution.
Description
A Path Traversal vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload a file (with Admin credentials or with the CSRF vulnerability) with the "fullpath" parameter containing path traversal strings (../ and ..\) in order to escape the server's intended working directory and write malicious files onto any directory on the computer.
Exploits (3)
This repository contains a functional Bash script that exploits CVE-2021-40964, an authenticated RCE vulnerability in Tiny File Manager <= 2.4.6. The exploit leverages weak upload validation and webroot disclosure to upload a malicious PHP shell, enabling remote command execution.
This is a functional Bash script that exploits CVE-2021-40964 in Tiny File Manager <= 2.4.6, leveraging authenticated arbitrary file upload and path disclosure to achieve remote code execution via a PHP web shell.
This script exploits an authenticated RCE vulnerability in Tiny File Manager <= 2.4.6 by leveraging a path traversal flaw to upload a malicious PHP shell. It first authenticates, leaks the webroot path via a full path disclosure bug, and then uploads a shell to achieve remote command execution.
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N