CVE-2022-26960

CRITICAL NUCLEI

std42 elFinder <2.1.60 - Path Traversal

Description

connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.

Nuclei Templates (1)

elFinder <=2.1.60 - Local File Inclusion
CRITICAL | VERIFIED | by pikpikcu

Scores

CVSS v3 9.1
EPSS 0.8415
EPSS Percentile 99.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE CWE-22
Status published
Products (2)
std42/elfinder < 2.1.61
studio-42/elfinder 0 - 2.1.61 (Packagist)
Published Mar 21, 2022
Tracked Since Feb 18, 2026