Unauthenticated Remote Access to Internal Files in Tiny File Manager v2.4.8

Unauthenticated Remote Access to Internal Files in Tiny File Manager v2.4.8

CVE-2022-45475 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control.

Learn more about our Internal Network Penetration Testing.