CNNVD-202507-2058 Information

Jul 15, 2025 cve

CNNVD ID

CNNVD-202507-2058

CVE-2025-53826

  • CNNVD Published: 2025-07-15

Description (Chinese)

FileBrowser是开源的一款网页文件浏览器。提供指定目录下的文件管理界面,可用于上传、删除、预览、重命名和编辑您的文件。它允许创建多个用户,每个用户可以有自己的目录。它可以用作独立的应用程序或中间件。 FileBrowser 2.39.0版本存在安全漏洞,该漏洞源于身份验证系统存在缺陷,可能导致长期有效的JWT令牌。

Description (English)

FileBrowser is an open source web file browser. Provides a file management interface under a specified directory for uploading, deleting, previewing, renaming and editing your files. It allows the creation of multiple users, each of whom can have its own directory. It can be used as a stand-alone application or intermediate. Version 2.39.0 of FileBrowser has a security loophole, which stems from deficiencies in the identification system, which may lead to the long-term validity of the JWT.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-07-15

Last Modified

2026-02-24

References

https://github.com/filebrowser/filebrowser/issues/5216 https://github.com/filebrowser/filebrowser/security/advisories/GHSA-7xwp-2cpp-p8r7 https://nvd.nist.gov/vuln/detail/CVE-2025-53826

Patch

https://github.com/filebrowser/filebrowser/releases

Share on: