
CVE-2026-33071: CWE-434: Unrestricted Upload of File with Dangerous Type in error311 FileRise

Medium
Tags: Vulnerability, CVE-2026-33071, CWE-434, CWE-552
Published: Fri Mar 20 2026 (03/20/2026, 08:27:37 UTC)
Source: CVE Database V5
Vendor/Project: error311
Product: FileRise

Description

CVE-2026-33071 is a medium severity vulnerability in FileRise versions prior to 3.8.0, a self-hosted web file manager and WebDAV server. The vulnerability arises because the WebDAV upload endpoint does not validate file extensions, allowing attackers to upload dangerous server-side executable files such as .php, .phtml, and .htaccess. This bypasses the stricter filename validation applied to the regular upload path. In deployments without Apache's LocationMatch protection, this can lead to remote code execution. The flaw exists because the createFile() and put() methods accept filenames directly from WebDAV clients without validation.

AI-Powered Analysis

AI Last updated: 03/20/2026, 09:09:26 UTC

Technical Analysis

FileRise is a self-hosted web file manager and WebDAV server used to manage files remotely. Versions prior to 3.8.0 contain a vulnerability (CVE-2026-33071) classified under CWE-434 (Unrestricted Upload of File with Dangerous Type) and CWE-552 (Files or Directories Accessible to External Parties). The core issue is that the WebDAV upload endpoint accepts any file extension without validation, including potentially dangerous server-side executable extensions such as .php, .phtml, .php5, and .htaccess. This contrasts with the regular upload endpoint, which enforces filename validation using a regex pattern (REGEX_FILE_NAME). The vulnerability stems from the createFile() method in FileRiseDirectory.php and the put() method in FileRiseFile.php, which accept filenames directly from WebDAV clients without validation. In environments where Apache's LocationMatch directive is not configured to restrict execution of uploaded files, attackers can upload malicious scripts and execute them remotely, leading to remote code execution (RCE) and potentially full compromise of the server. The vulnerability requires network access to the WebDAV endpoint and authenticated privileges (PR:L), but no user interaction is needed. The CVSS v3.1 base score is 4.3 (medium severity), reflecting limited impact on confidentiality and availability but a potential integrity impact via code execution. The issue was fixed in FileRise version 3.8.0 by adding proper filename validation on the WebDAV upload path. No known exploits have been reported in the wild as of the publication date.

Potential Impact

If exploited, this vulnerability allows an attacker with authenticated access to the WebDAV upload endpoint to upload malicious server-side executable files. In deployments lacking proper Apache LocationMatch protections, this can lead to remote code execution, enabling attackers to run arbitrary code on the server. This compromises the integrity of the system and can lead to further attacks such as data theft, system manipulation, or pivoting within the network. The impact is significant for organizations relying on FileRise for file management and WebDAV services, especially if deployed in internet-facing environments without hardened web server configurations. However, the requirement for authenticated access limits the attack surface somewhat. Organizations with lax access controls or weak credentials are at higher risk. The vulnerability does not directly affect confidentiality or availability but can indirectly lead to data breaches or service disruptions if exploited.

Mitigation Recommendations

1. Upgrade FileRise to version 3.8.0 or later, where the vulnerability is fixed with proper filename validation on the WebDAV upload endpoint.
2. If upgrading immediately is not possible, restrict access to the WebDAV endpoint to trusted users and networks only, using network segmentation and firewall rules.
3. Configure Apache web server with LocationMatch directives or equivalent to prevent execution of uploaded files in the upload directories, effectively blocking execution of malicious scripts.
4. Enforce strong authentication and authorization controls on the WebDAV service to limit who can upload files.
5. Monitor upload directories for suspicious files with executable extensions and remove them promptly.
6. Implement file integrity monitoring and logging to detect unauthorized file uploads or modifications.
7. Conduct regular security audits and penetration testing focusing on WebDAV and file upload functionalities.
8. Educate administrators on secure configuration practices for FileRise and underlying web servers.
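As an added example (not FileRise's own code), the check below applies one allowlist-plus-denylist filename rule that a file manager should run on every write path, WebDAV PUT/MKCOL included, which is the asymmetry the Technical Analysis describes, and pairs it with a scanner for the upload-directory monitoring in item 5. The regex is a constructed stand-in for REGEX_FILE_NAME (the real pattern is not on the page), and it goes slightly beyond the advisory by checking every extension segment rather than only the last; the sample tree is constructed.

```python
import os
import re
import tempfile
from pathlib import Path

# Extensions the advisory names as executable on a PHP/Apache host. The
# allowlist regex is a constructed stand-in for FileRise's REGEX_FILE_NAME.
DANGEROUS_EXTENSIONS = {"php", "phtml", "php5"}
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9 ._()-]{0,254}")


def is_safe_upload_name(name: str) -> bool:
    """Allowlist first, denylist second. Run on every code path that creates
    a file, including WebDAV handlers, not only the browser upload form."""
    if "/" in name or "\\" in name or "\x00" in name:
        return False                      # no path separators or NULs
    if not SAFE_NAME.fullmatch(name):
        return False                      # also rejects a leading '.', so .htaccess
    # Normalise tricks a client can play: mixed case, trailing dots/spaces.
    lowered = name.lower().rstrip(". ")
    # Check every extension segment, not just the last: Apache's mod_mime can
    # act on any of them, so "shell.php.txt" is treated as dangerous too.
    return not any(seg in DANGEROUS_EXTENSIONS for seg in lowered.split(".")[1:])


def find_dangerous_files(root: str) -> list[str]:
    """Walk an upload tree and report files whose names fail the check
    (the page's mitigation 5: monitor upload directories)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if not is_safe_upload_name(fname):
                hits.append(Path(dirpath, fname).relative_to(root).as_posix())
    return sorted(hits)


def demo() -> list[str]:
    """Constructed sample upload tree (not real FileRise data)."""
    samples = ["report.pdf", "notes.txt", "shell.php", "a/.htaccess",
               "a/img.PHTML", "b/x.php5", "b/ok.php.txt"]
    with tempfile.TemporaryDirectory() as root:
        for rel in samples:
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text("constructed sample\n")
        return find_dangerous_files(root)


if __name__ == "__main__":
    for hit in demo():
        print("flagged:", hit)
```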


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-03-17T19:27:06.344Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 69bd0b4ce32a4fbe5f4933b4

Added to database: 3/20/2026, 8:54:36 AM

Last enriched: 3/20/2026, 9:09:26 AM

Last updated: 3/20/2026, 11:35:59 AM

