CVE-2026-54097
Status: Deferred - Pending Action
File Browser Share Link Deletion Vulnerability

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: GitHub, Inc.

Description
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, a low-privileged authenticated user of filebrowser (with create + delete permissions in their own isolated scope) can silently destroy share-link records belonging to any other user, including the administrator, by performing a legitimate DELETE on a file in their own directory whose logical path happens to be a byte-prefix of another user's stored share.Link.Path. The file contents of the victim are not exposed, but the victim's share links are irrevocably wiped. This vulnerability is fixed in 2.63.6.
Meta Information
Published: 2026-06-25
Last Modified: 2026-06-25
Generated: 2026-06-26
AI Q&A: 2026-06-25
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor: filebrowser; Product: filebrowser; Version / Range: 2.63.6
CWE
CWE-639: The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Executive Summary

This vulnerability affects File Browser versions prior to 2.63.6. It allows a low-privileged authenticated user, who has create and delete permissions within their own isolated directory scope, to silently delete share-link records that belong to other users, including administrators. This happens when the user deletes a file in their own directory whose logical path is a byte-prefix of another user's stored share link path. Although the contents of the victim's files are not exposed, the victim's share links are permanently deleted.

Compliance Impact

This vulnerability allows a low-privileged authenticated user to delete share-link records belonging to other users, including administrators, without authorization. Although the file contents are not exposed, the irrevocable deletion of share links can disrupt access controls and data sharing mechanisms.

Such unauthorized deletion of share links could impact compliance with standards like GDPR and HIPAA, which require strict controls over data access and integrity. The inability to maintain proper access controls and the potential denial-of-service on share links may lead to violations of data protection and availability requirements mandated by these regulations.

Detection Guidance

This vulnerability involves a low-privileged authenticated user deleting share-link records belonging to other users by exploiting a prefix-matching issue in the DELETE operation on files within their own directory: the stored share path is compared as a raw byte-prefix rather than on path-segment boundaries, and without checking the share's owner.

To detect exploitation attempts on your system, you should monitor DELETE requests made by authenticated users, especially those targeting files whose paths could be byte-prefixes of other users' share links.

Since the vulnerability is triggered by legitimate DELETE operations, detection can focus on unusual patterns of DELETE requests from users with limited permissions, such as multiple DELETE operations on files with short or common prefixes.

Suggested commands or approaches include:

  • Review FileBrowser server logs for DELETE HTTP requests and correlate them with user IDs and file paths.
  • Use command-line tools like grep or awk to filter logs for DELETE operations, for example: `grep 'DELETE' /path/to/filebrowser/logs`.
  • Look for patterns where a user performs DELETE operations on files with paths that are prefixes of other users' share links.
  • If you have access to the database or backend storage, query share-link records before and after suspicious DELETE operations to detect unexpected deletions.

Note that no specific detection commands are provided in the resources, so detection relies on monitoring and analyzing DELETE requests and share-link records.
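The following Go program is an added illustration, not File Browser's own code, of the two comparisons the description and the detection guidance talk about: a raw byte-prefix match on the stored share path (the flawed behaviour) beside an owner-scoped, path-boundary-aware match (the corrected behaviour), plus an audit helper that, given a DELETE event (actor and path), lists which other users' share records the flawed logic would have wiped. The `Share` type, its fields, `sampleShares`, and all function names are constructed for this example; the advisory only names the stored field `share.Link.Path`, which `Path` stands in for.

```go
package main

import (
	"fmt"
	"strings"
)

// Share is a constructed stand-in for a stored share-link record. The real
// File Browser record type and field names are not reproduced here; only the
// stored path (the advisory's share.Link.Path) is modelled, as Path (assumption).
type Share struct {
	ID    int
	Owner string // user who created the share
	Path  string // logical path the share points at, e.g. "/documents/q1-report.pdf"
}

// sampleShares is constructed test data: the admin and "alice" own share links;
// "bob" is the low-privileged user who deletes a file at "/doc" in his own scope.
var sampleShares = []Share{
	{1, "admin", "/documents/q1-report.pdf"},
	{2, "admin", "/documents/q2-report.pdf"},
	{3, "alice", "/doc"},
	{4, "bob", "/doc"},
	{5, "bob", "/doc/notes.txt"},
	{6, "bob", "/docker-notes.md"},
}

// sharesByBytePrefix models the flawed selection the advisory describes: every
// share whose stored path begins with the deleted path's bytes is selected,
// regardless of owner. Deleting "/doc" therefore also selects "/documents/..."
// and "/docker-notes.md", and the admin's and alice's records with them.
func sharesByBytePrefix(shares []Share, deletedPath string) []int {
	var ids []int
	for _, s := range shares {
		if strings.HasPrefix(s.Path, deletedPath) {
			ids = append(ids, s.ID)
		}
	}
	return ids
}

// underPath is a path-boundary-aware test: p is the deleted path itself or lies
// beneath it as a directory, so "/doc" covers "/doc" and "/doc/x" but not
// "/documents/x". A trailing slash on the deleted path is tolerated.
func underPath(p, deletedPath string) bool {
	base := strings.TrimSuffix(deletedPath, "/")
	return p == base || strings.HasPrefix(p, base+"/")
}

// sharesScopedToActor is the hardened selection: only the acting user's own
// shares are candidates (the ownership check CWE-639 is about), and the path
// comparison respects path-segment boundaries.
func sharesScopedToActor(shares []Share, actor, deletedPath string) []int {
	var ids []int
	for _, s := range shares {
		if s.Owner == actor && underPath(s.Path, deletedPath) {
			ids = append(ids, s.ID)
		}
	}
	return ids
}

// collateralShares is the audit view a defender reviewing a DELETE event wants:
// which share records owned by someone other than the actor would the
// byte-prefix logic have wiped for this deletion? A non-empty answer on a
// pre-2.63.6 instance is the signal to check the share table for losses.
func collateralShares(shares []Share, actor, deletedPath string) []int {
	var ids []int
	for _, s := range shares {
		if s.Owner != actor && strings.HasPrefix(s.Path, deletedPath) {
			ids = append(ids, s.ID)
		}
	}
	return ids
}

func main() {
	actor, deleted := "bob", "/doc" // constructed DELETE event
	fmt.Println("byte-prefix selection:     ", sharesByBytePrefix(sampleShares, deleted))
	fmt.Println("owner+boundary selection:  ", sharesScopedToActor(sampleShares, actor, deleted))
	fmt.Println("other users' shares at risk:", collateralShares(sampleShares, actor, deleted))
}
```

For the constructed data, the byte-prefix selection returns all six records, the owner-scoped selection returns only bob's own `/doc` and `/doc/notes.txt` shares, and the audit helper reports the three records owned by admin and alice. Feeding `collateralShares` the actor and path from each DELETE log entry against a snapshot of the share table is one way to turn the log-review steps above into a concrete check.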

Impact Analysis

The impact of this vulnerability is that an attacker with low privileges can irreversibly delete share links created by other users, including administrators. This can disrupt file sharing and collaboration by removing access points to shared files without exposing the file contents themselves.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade File Browser to version 2.63.6 or later, where the issue is fixed.
