top of page
perceptive_background_267k.jpg

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the fi…

Published:

6 April 2026 at 22:00:00

Alert date:

7 April 2026 at 18:06:01

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Identity & Access

File Browser, a web-based file management interface, contains a vulnerability prior to version 2.63.1 where users auto-created through proxy authentication are incorrectly granted execution capabilities from global defaults. This occurs because a previous fix that stripped execute permissions from self-registered users was not applied to the proxy auth handler, allowing automatically provisioned accounts to inherit execution rights they should not have. The vulnerability is fixed in version 2.63.1.

Technical details

Mitigation steps:

Affected products:

File Browser

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-35607
https://github.com/filebrowser/filebrowser/pull/5890
https://github.com/filebrowser/filebrowser/security/advisories/GHSA-7526-j432-6ppp

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page