CVE-2026-25231
Published: 09 February 2026
Summary
CVE-2026-25231 is a high-severity Improper Access Control (CWE-284) vulnerability in FileRise (vendor Filerise). Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 33.9th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2026-25231 is an unauthenticated file read vulnerability in FileRise, a self-hosted web file manager and WebDAV server. The issue affects versions prior to 3.3.0 and arises from a lack of access control on the /uploads directory: files uploaded there can be fetched directly by any user who knows or can guess the file path, with no authentication required. This can expose sensitive data and breach privacy. The vulnerability is rated 7.5 on the CVSS v3.1 scale (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and maps to CWE-284 (Improper Access Control) and CWE-552 (Files or Directories Accessible to External Parties).
Unauthenticated attackers with network access can exploit this vulnerability because of its low attack complexity and the absence of any privilege or user-interaction requirement. By directly requesting known or guessed file paths under /uploads, an attacker can read arbitrary files in that directory, achieving high confidentiality impact without affecting integrity or availability.
The vulnerability is addressed in FileRise version 3.3.0. Mitigation details are provided in the GitHub security advisory at https://github.com/error311/FileRise/security/advisories/GHSA-hv99-77cw-hvpr and the release notes at https://github.com/error311/FileRise/releases/tag/v3.3.0.
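A defender-side check, added here as an example that is not part of this advisory or of the FileRise project: a small log-analysis routine that flags the behaviour described above, namely successful fetches of /uploads/ paths carrying no session cookie, and clients accumulating 404s under /uploads/ (path guessing). The log layout, the sample lines and the PHPSESSID cookie name are all assumptions; adjust them to the deployment being monitored.

```python
import re
from collections import Counter

# Constructed sample lines in an assumed custom access-log format (not real traffic):
#   client_ip [timestamp] "METHOD /path HTTP/x" status bytes "Cookie header or -"
SAMPLE_LOG = """\
203.0.113.10 [09/Feb/2026:10:00:01 +0000] "GET /uploads/report-q4.pdf HTTP/1.1" 200 48213 "-"
203.0.113.10 [09/Feb/2026:10:00:02 +0000] "GET /uploads/backup.sql HTTP/1.1" 404 153 "-"
203.0.113.10 [09/Feb/2026:10:00:03 +0000] "GET /uploads/db.sqlite HTTP/1.1" 404 153 "-"
198.51.100.7 [09/Feb/2026:10:01:15 +0000] "GET /uploads/photo.jpg HTTP/1.1" 200 9021 "PHPSESSID=7f3a"
198.51.100.7 [09/Feb/2026:10:01:16 +0000] "GET /index.php HTTP/1.1" 200 1024 "PHPSESSID=7f3a"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<cookie>[^"]*)"$'
)
# Assumed session cookie name; the real cookie name is not given on this page.
SESSION_COOKIE = "PHPSESSID="

def parse(log_text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()

def find_unauthenticated_upload_reads(log_text, guess_threshold=2):
    """Return (direct_reads, guessing_ips).
    direct_reads: (ip, path) for 200 responses under /uploads/ with no session cookie.
    guessing_ips: IPs with >= guess_threshold unauthenticated 404s under /uploads/."""
    direct_reads = []
    misses = Counter()
    for r in parse(log_text):
        if not r["path"].split("?", 1)[0].startswith("/uploads/"):
            continue
        unauth = SESSION_COOKIE not in r["cookie"]  # cookie-based sessions assumed
        if r["status"] == "200" and unauth:
            direct_reads.append((r["ip"], r["path"]))
        elif r["status"] == "404" and unauth:
            misses[r["ip"]] += 1
    guessing = sorted(ip for ip, n in misses.items() if n >= guess_threshold)
    return direct_reads, guessing

if __name__ == "__main__":
    reads, guessing = find_unauthenticated_upload_reads(SAMPLE_LOG)
    print("unauthenticated direct reads:", reads)
    print("path-guessing clients:", guessing)
```

A hit from a client that never established a session is the signal to act on; on a patched 3.3.0 instance such requests should no longer return 200.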
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-6495
Vulnerability details
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.3.0, the application contains an unauthenticated file read vulnerability due to the lack of access control on the /uploads directory. Files uploaded to this directory can be accessed directly by any user who knows or can guess the file path, without requiring authentication. As a result, sensitive data could be exposed, and privacy may be breached. This vulnerability is fixed in 3.3.0.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
An unauthenticated remote file read in a public-facing web file manager maps directly to T1190 (Exploit Public-Facing Application); the resulting access to files on the server's filesystem enables T1005 (Data from Local System) collection.
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): Enforces approved authorizations for logical access to system resources such as the /uploads directory, directly addressing the missing access control that allows unauthenticated file reads.
- AC-14 (Permitted Actions Without Identification or Authentication): Limits and explicitly identifies the actions permitted without identification or authentication, preventing unauthenticated access to files via known or guessed paths in /uploads.
- AC-22 (Publicly Accessible Content): Designates and reviews publicly accessible content so that sensitive uploaded files are not exposed without authorization in directories such as /uploads.