CVE-2026-33330: CWE-863: Incorrect Authorization in error311 FileRise
CVE-2026-33330 is a high-severity broken access control vulnerability in FileRise versions prior to 3.10.0, specifically in its ONLYOFFICE integration. Authenticated users with read-only access can exploit this flaw to obtain a signed save callbackUrl and forge save callbacks, allowing them to overwrite files with malicious content. This vulnerability impacts confidentiality and integrity but does not affect availability. Exploitation requires authentication but no user interaction beyond that. The issue has been patched in version 3.10.0. Organizations using vulnerable FileRise versions should upgrade immediately and review access controls to mitigate risk.
AI Analysis
Technical Summary
FileRise is a self-hosted web file manager and WebDAV server that integrates with ONLYOFFICE for document editing. In versions prior to 3.10.0, a broken access control vulnerability (CWE-863) exists in the ONLYOFFICE integration component. Specifically, an authenticated user with read-only permissions can retrieve a signed save callbackUrl associated with a file. This signed URL is intended to securely authorize save operations from ONLYOFFICE back to FileRise. However, due to improper authorization checks, the attacker can forge the ONLYOFFICE save callback request using the obtained callbackUrl, enabling them to overwrite the target file with arbitrary, attacker-controlled content. This effectively escalates their privileges from read-only to write capabilities on files they should not be able to modify. The vulnerability does not require user interaction beyond authentication and can be exploited remotely over the network. The CVSS v3.1 base score is 7.1 (high), reflecting the network attack vector, low attack complexity, required privileges (authenticated user), no user interaction, unchanged scope, limited confidentiality impact, but high integrity impact, and no availability impact. The issue has been addressed and patched in FileRise version 3.10.0. No known exploits in the wild have been reported as of the publication date.
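The authorization pattern described above, as an added illustration that is not FileRise's own code and makes no claim about its internals: a minimal save-callback flow in which the weak variant signs only the file path and lets the save endpoint trust any bearer of a valid signature, while the hardened variant refuses to mint a save callback for a user without write permission, binds the token to that user and an expiry, and re-checks write permission when the callback arrives. The ACL, file store, endpoint path and log-free handler names are all constructed for the example.

```python
import hashlib
import hmac
import json
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed per-process signing key (a real deployment would persist it).
SECRET = secrets.token_bytes(32)

# Constructed ACL: user -> {path: set(permissions)}. bob is read-only.
ACL = {
    "alice": {"/docs/budget.docx": {"read", "write"}},
    "bob": {"/docs/budget.docx": {"read"}},
}

# Constructed in-memory file store standing in for the real storage backend.
FILES = {"/docs/budget.docx": b"original contents"}


def has_perm(user, path, perm):
    return perm in ACL.get(user, {}).get(path, set())


def _sign(payload: dict) -> str:
    # Canonical JSON so issuer and verifier sign identical bytes.
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def _query(url: str) -> dict:
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


# --- Weak pattern (the CWE-863 shape the advisory describes) -------------
def issue_callback_url_weak(user, path):
    # Only checks that the user may *open* the file, then hands out a
    # save-capable URL whose signature covers nothing but the path.
    if not has_perm(user, path, "read"):
        raise PermissionError("cannot open file")
    payload = {"path": path}
    return "/api/onlyoffice/save?" + urlencode({**payload, "sig": _sign(payload)})


def save_callback_weak(url, body: bytes) -> int:
    q = _query(url)
    sig = q.pop("sig", "")
    if not hmac.compare_digest(sig, _sign(q)):
        return 403
    FILES[q["path"]] = body  # writes regardless of who was issued the URL
    return 200


# --- Hardened pattern -----------------------------------------------------
def issue_callback_url(user, path, ttl=3600):
    # Authorize at issue time: a read-only viewer never receives a save URL.
    if not has_perm(user, path, "write"):
        raise PermissionError("read-only access: no save callback issued")
    payload = {
        "path": path,
        "user": user,                       # token is bound to the issuer
        "exp": int(time.time()) + ttl,      # and to a validity window
        "nonce": secrets.token_hex(8),
    }
    return "/api/onlyoffice/save?" + urlencode({**payload, "sig": _sign(payload)})


def save_callback(url, body: bytes) -> int:
    q = _query(url)
    sig = q.pop("sig", "")
    try:
        payload = {
            "path": q["path"],
            "user": q["user"],
            "exp": int(q["exp"]),
            "nonce": q["nonce"],
        }
    except (KeyError, ValueError):
        return 400
    if not hmac.compare_digest(sig, _sign(payload)):
        return 403                          # any tampered field fails here
    if time.time() > payload["exp"]:
        return 403                          # expired token
    # Re-check at callback time: permission may have been revoked since issue.
    if not has_perm(payload["user"], payload["path"], "write"):
        return 403
    FILES[payload["path"]] = body
    return 200


if __name__ == "__main__":
    weak = issue_callback_url_weak("bob", "/docs/budget.docx")
    print("weak save by read-only bob:", save_callback_weak(weak, b"forged"))
    try:
        issue_callback_url("bob", "/docs/budget.docx")
    except PermissionError as e:
        print("hardened issue for bob:", e)
    good = issue_callback_url("alice", "/docs/budget.docx")
    print("hardened save by alice:", save_callback(good, b"legit"))
```

The two checks that matter are the ones the weak variant lacks: the decision to hand out a save-capable URL is itself an authorization decision and must use the write permission, and the callback handler must tie the token to a principal and re-evaluate that principal's rights rather than treating a valid signature as proof of authority.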
Potential Impact
This vulnerability allows authenticated users with only read permissions to escalate their privileges and modify files arbitrarily, compromising data integrity and potentially confidentiality if sensitive files are overwritten or replaced with malicious content. For organizations relying on FileRise for secure file management and collaboration, this can lead to unauthorized data tampering, loss of trust in document authenticity, and potential downstream impacts such as malware injection or data corruption. Since FileRise is self-hosted, organizations with exposed instances accessible over the network are at risk. The lack of availability impact means systems remain operational, but the integrity breach can have serious consequences for compliance, auditing, and operational security. Attackers exploiting this flaw could target sensitive documents, configuration files, or scripts, leading to broader compromise or lateral movement within the network.
Mitigation Recommendations
The primary mitigation is to upgrade FileRise to version 3.10.0 or later, where the vulnerability is patched. Until upgrade is possible, organizations should restrict access to FileRise instances to trusted users only and enforce strict authentication and authorization policies. Review and limit read-only user permissions to minimize exposure. Network-level controls such as IP whitelisting or VPN access can reduce attack surface. Monitoring and logging of ONLYOFFICE save callback requests should be enabled to detect suspicious activity or unauthorized file modifications. Additionally, implement file integrity monitoring to detect unexpected changes. If possible, disable ONLYOFFICE integration temporarily until the patch is applied. Educate users about the risk of unauthorized file modifications and encourage reporting of anomalies. Regularly audit access logs and verify file integrity to identify potential exploitation attempts.
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, Australia, Canada, Netherlands, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-18T21:23:36.678Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69c2e66df4197a8e3b68b9ac
Added to database: 3/24/2026, 7:30:53 PM
Last enriched: 3/31/2026, 8:33:45 PM
Last updated: 5/7/2026, 6:32:42 AM