CVE-2022-50890

HIGH

Owlfiles File Manager 12.0.1 - Path Traversal

Title source: llm

Description

Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting GET requests with directory traversal sequences to access restricted system directories on the device.

Exploits (1)

exploitdb WORKING POC

by Chokri Hammedi · textwebappsios

https://www.exploit-db.com/exploits/51036

View Code ZIP pw:eip

References (4)

[Product] https://apps.apple.com/us/app/owlfiles-file-manager/id510282524

[Exploit] https://www.exploit-db.com/exploits/51036

[Product] https://www.skyjos.com/

[Third Party Advisory] https://www.vulncheck.com/advisories/owlfiles-file-manager-path-traversal

Scores

CVSS v3 7.5

EPSS 0.0044

EPSS Percentile 63.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (2)

skyjos/owlfiles 12.0.1

Skyjos/Owlfiles File Manager 12.0.1

Published Jan 13, 2026

Tracked Since Feb 18, 2026