Update Your “Novell Filr” ASAP, Several Vulnerabilities Discovered By Researcher!

Are you using “Filr” for sharing and accessing your corporate data? If yes, please update your “Filr” as soon as possible. Researchers at SEC Consult discovered several security flaws in it. Filr is a tool widely used by large corporations to access and share official files. Filr is a product of the British software company “Micro Focus”. It was first developed by Novell, which merged with Micro Focus in 2014.

What is the Vulnerability?

Security researchers at SEC Consult had been examining this Micro Focus product since the start of May 2016. One of its researchers found several critical vulnerabilities in two widely used versions of Filr. Hackers could exploit these vulnerabilities to upload files to the system remotely, to execute malicious remote files and commands, and to change the configuration files of an appliance. Filr versions 1.2 and 2.0 contain these security issues. By exploiting these vulnerabilities, hackers could gain full control of the product.

List of the Vulnerabilities

Authentication Bypass

Persistent XSS (Cross-Site-Scripting)

Insecure File Permission

CSRF (Cross Site Request Forgery)

Path Traversal Vulnerabilities

Command Injection

Another vulnerability discovered by the researcher allowed hackers to steal session cookies: Filr does not set the HttpOnly flag on the session cookies of its web interface. On its own this is not especially harmful, but hackers could take advantage of it by combining it with a persistent XSS attack.
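To check whether a web interface such as Filr's sets the flag the researcher found missing, here is an added example (not from the article, SEC Consult or Micro Focus) that parses Set-Cookie headers, reports cookies lacking HttpOnly or Secure, and shows the corrected header; the sample headers and cookie names are constructed, not captured from Filr.

```python
"""Audit Set-Cookie headers for missing HttpOnly / Secure attributes."""

# Constructed sample headers (illustrative names and values, not real Filr output).
SAMPLE_HEADERS = [
    "JSESSIONID=0123456789ABCDEF; Path=/; Secure",
    "remember_me=1; Path=/; Max-Age=86400; Secure; HttpOnly",
]

# Cookie attributes that protect a session cookie from the issue described above:
# without HttpOnly the cookie is readable via document.cookie, so any XSS can read it;
# without Secure the cookie is also sent over plain HTTP.
REQUIRED_FLAGS = ("Secure", "HttpOnly")


def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes).

    Attribute names are lower-cased; value-less attributes map to True.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, sep, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else True
    return name.strip(), value.strip(), attrs


def audit_cookies(headers):
    """Return {cookie_name: [missing flags]} for every cookie lacking a required flag."""
    findings = {}
    for header in headers:
        name, _, attrs = parse_set_cookie(header)
        missing = [flag for flag in REQUIRED_FLAGS if flag.lower() not in attrs]
        if missing:
            findings[name] = missing
    return findings


def harden_set_cookie(header):
    """Return the header with any missing required flags appended (the fixed form)."""
    _, _, attrs = parse_set_cookie(header)
    fixed = header.rstrip().rstrip(";")
    for flag in REQUIRED_FLAGS:
        if flag.lower() not in attrs:
            fixed += "; " + flag
    return fixed


if __name__ == "__main__":
    for cookie, missing in audit_cookies(SAMPLE_HEADERS).items():
        print(f"{cookie}: missing {', '.join(missing)}")
```

Run against the Set-Cookie headers of a real login response (for example from a browser's developer tools) to confirm the session cookie carries both flags after patching.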

What About Security Updates?

Micro Focus has released a security update that patches these major vulnerabilities. Most of the vulnerabilities have been patched by the vendor in this update, but the HttpOnly flag issue is still pending. According to Micro Focus, if they patched this right now, Filr would not work properly and users might face problems. In this update they also fixed some other vulnerabilities discovered by researchers in May 2016; the “BadLock” Samba vulnerability is one of them. You can check the details of these vulnerabilities, which have been registered under the following CVE identifiers:

CVE-2016-1607

CVE-2016-1608

CVE-2016-1609

CVE-2016-1610

CVE-2016-1611

“Update Your Filr Installations as soon as possible, if you want security of your files.”