CVE-2022-44276

CRITICAL

Responsive Filemanager < 9.12.0 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-44276. PoCs published by HerrLeStrate.

AI-analyzed exploit summary This PoC demonstrates a file upload restriction bypass in Responsive Filemanager < 9.12.0 by exploiting the `strip_tags` function to rename a file with a malicious extension. The payload is crafted to bypass MIME type checks by prepending non-malicious characters.

Description

In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE.

Exploits (1)

nomisec WORKING POC

by HerrLeStrate · poc

https://github.com/HerrLeStrate/CVE-2022-44276-PoC

View Code ZIP pw:eip

This PoC demonstrates a file upload restriction bypass in Responsive Filemanager < 9.12.0 by exploiting the `strip_tags` function to rename a file with a malicious extension. The payload is crafted to bypass MIME type checks by prepending non-malicious characters.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Responsive Filemanager < 9.12.0

Auth required

Prerequisites: Access to the file upload functionality · Interception capability (e.g., Burp Suite)

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1204 - User Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Patch

https://github.com/HerrLeStrate/CVE-2022-44276-PoC

Scores

CVSS v3 9.8

EPSS 0.0194

EPSS Percentile 77.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-434

Status published

Products (1)

tecrail/responsive_filemanager < 9.12.0

Published Jun 28, 2023

Tracked Since Feb 18, 2026