CVE-2026-37637
Alexantr · filemanager
A critical remote code execution vulnerability exists in the filemanager.php component of Alexantr filemanager v.1.0, allowing unauthenticated attackers to execute arbitrary system commands.
Executive summary
A critical remote code execution vulnerability in Alexantr filemanager v.1.0 permits unauthenticated attackers to gain full control of the host server.
Vulnerability
The flaw is in filemanager.php, which does not adequately sanitize user-supplied input before it reaches code or command execution, so an unauthenticated remote attacker can inject and execute arbitrary commands with the privileges of the web server process. Because no login is required, any instance reachable from the internet, or from an untrusted internal network, is exposed to complete system compromise.
Business impact
The CVSS score of 9.1 reflects the critical risk: full server takeover, theft of any data the host can reach, and a foothold for lateral movement within the network. Because exploitation requires no authentication, an attacker needs nothing more than network access to the file manager to take control of the affected environment, with severe reputational and operational consequences.
Remediation
Immediate Action: Remove Alexantr filemanager v.1.0 from all servers, or block all network access to filemanager.php (at the web server, firewall, or VPN layer) until a security update is available and applied. Because the vulnerable code path is reachable without a login, access control must be enforced in front of the script, not by the application itself.
Proactive Monitoring: Review web server access logs for any request to filemanager.php, especially POST requests or requests from unexpected source addresses, and compare the PHP files under the web root against a known-good baseline; any file not deployed by administrative staff, or modified after the baseline was taken, should be treated as a possible web shell and investigated.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to detect and block common code injection attempts targeting file management utilities. Treat this as a stopgap only: a WAF narrows the attack surface but does not remove the flaw, and generic injection signatures are routinely bypassed.
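The two monitoring checks above, as an added example written for this page (not code from the advisory, the vendor, or the Alexantr project). It scans constructed Apache/Nginx combined-format access log lines for requests to filemanager.php and compares PHP files under a web root against an administrator baseline. The log lines, the query parameter name and the payload in them are placeholders: the real injection vector for this CVE is not documented here, so the metacharacter heuristic is an assumption and will not catch every variant.

```python
"""Post-exposure triage for a host that served Alexantr filemanager v.1.0.

Check 1: any request to filemanager.php is of interest (the script should be
unreachable); POSTs or queries carrying shell/PHP metacharacters are rated high.
Check 2: PHP files under the web root that are missing from the administrator
baseline, or modified after it was taken, are reported as possible web shells.
"""
import os
import re
import tempfile
from urllib.parse import unquote

# Combined log format: ip ident user [ts] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# Heuristic only (assumption): shell metacharacters and common PHP execution
# functions in the decoded query string. Not tied to the real exploit vector.
SUSPICIOUS = re.compile(
    r'[;|`$&<>]|\b(system|exec|passthru|shell_exec|eval|base64_decode)\b', re.I
)
PHP_EXT = (".php", ".phtml", ".phar")

# Constructed sample log lines; the "cmd" parameter is a placeholder name.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2026:12:00:01 +0000] "GET /index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Mar/2026:12:00:05 +0000] "GET /filemanager.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Mar/2026:12:01:10 +0000] "POST /filemanager.php?cmd=%3Bid HTTP/1.1" 200 300 "-" "curl/8.0"',
    '198.51.100.23 - - [10/Mar/2026:12:01:12 +0000] "GET /uploads/shell.php?x=1 HTTP/1.1" 200 100 "-" "curl/8.0"',
]


def scan_access_log(lines):
    """Return every request to filemanager.php with a severity rating."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or non-combined-format line; skip
        path = m.group("path")
        script, _, query = path.partition("?")
        if not script.endswith("filemanager.php"):
            continue
        write_method = m.group("method") in ("POST", "PUT")
        injection = bool(SUSPICIOUS.search(unquote(query)))
        hits.append({
            "ip": m.group("ip"),
            "method": m.group("method"),
            "path": path,
            "status": m.group("status"),
            "severity": "high" if (write_method or injection) else "info",
        })
    return hits


def find_unexpected_php(web_root, baseline, baseline_mtime):
    """PHP files not in `baseline` (relative paths) or newer than `baseline_mtime`."""
    findings = []
    for dirpath, _, filenames in os.walk(web_root):
        for name in filenames:
            if not name.lower().endswith(PHP_EXT):
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, web_root).replace(os.sep, "/")
            if rel not in baseline:
                findings.append((rel, "not in baseline"))
            elif os.path.getmtime(full) > baseline_mtime:
                findings.append((rel, "modified after baseline"))
    return sorted(findings)


def demo_file_check():
    """Build a constructed web root in a temp dir and run the baseline check."""
    old, new, baseline_time = 1_000_000, 2_000_000, 1_500_000
    baseline = {"index.php", "filemanager.php", "config.php"}
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "uploads"))
        for rel, mtime in [("index.php", old), ("filemanager.php", old),
                           ("config.php", new),            # tampered after baseline
                           ("uploads/shell.php", new),     # dropped web shell
                           ("uploads/photo.jpg", new)]:    # non-PHP, ignored
            full = os.path.join(root, rel)
            with open(full, "w") as fh:
                fh.write("<?php // constructed sample\n")
            os.utime(full, (mtime, mtime))
        return find_unexpected_php(root, baseline, baseline_time)


if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(hit)
    for finding in demo_file_check():
        print(finding)
```

Run the log scan over the real access logs for the period the file manager was reachable, and feed the file check a baseline captured from the deployment manifest or a known-good backup rather than from the possibly compromised host itself.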
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability presents a severe risk to any environment hosting this file manager, and immediate removal or patching is required to prevent unauthorized system access. Security teams should inventory their infrastructure for instances of Alexantr filemanager v.1.0 (for example by searching web roots for filemanager.php) and ensure each one is updated or decommissioned.