CVE-2025-46002 is a directory traversal vulnerability affecting Filemanager version 2.5.0 and earlier. The vulnerability arises from insufficient input validation in the filemanager.php endpoint, which allows an attacker to craft a malicious HTTP request that traverses directories outside the intended file management scope. By exploiting this flaw, an attacker can potentially access sensitive files on the server's filesystem that should be inaccessible, such as configuration files, password stores, or other critical data. Directory traversal vulnerabilities do not inherently allow code execution but can lead to significant information disclosure, which may be leveraged for further attacks. The absence of a CVSS score indicates this vulnerability has been recently published and not yet fully assessed. There are no known exploits in the wild at this time, and no patches or fixes have been linked or announced. The vulnerability affects all deployments using Filemanager v2.5.0 or below, regardless of the underlying operating system, as long as the vulnerable endpoint is exposed and accessible to an attacker.

For European organizations, this vulnerability poses a risk primarily to those using the affected Filemanager versions in their web infrastructure. The unauthorized access to sensitive files could lead to leakage of confidential information, including credentials, internal configurations, or personal data protected under GDPR. This could result in regulatory penalties, reputational damage, and potential lateral movement by attackers within the network. Organizations in sectors with high data sensitivity such as finance, healthcare, and government are particularly at risk. Additionally, if the exposed files contain cryptographic keys or tokens, attackers could escalate the impact by impersonating services or users. The lack of known exploits currently reduces immediate risk but does not eliminate the threat, especially as public disclosure may prompt attackers to develop exploits.

Organizations should immediately audit their use of Filemanager software to identify any instances running version 2.5.0 or earlier. If possible, upgrade to a newer, patched version once available. In the absence of an official patch, implement web application firewall (WAF) rules to detect and block requests containing directory traversal patterns such as '../' sequences targeting the filemanager.php endpoint. Restrict access to the filemanager.php endpoint by IP whitelisting or VPN-only access to limit exposure. Conduct thorough logging and monitoring of access to this endpoint to detect suspicious activity. Additionally, review server file permissions to ensure that the web server process has the minimum necessary access rights to limit the impact of any traversal attempts. Finally, prepare incident response plans to quickly address any exploitation attempts once patches or further information become available.