ByteOS Network

NVD Vulnerability Details :

CVE-2022-50890

Analyzed

Source-disclosure@vulncheck.com

Published At-13 Jan, 2026 | 23:15

Updated At-29 Jan, 2026 | 00:43

Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting GET requests with directory traversal sequences to access restricted system directories on the device.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	8.7	HIGH	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Type: Secondary

Version: 4.0

Base score: 8.7

Base severity: HIGH

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-22	Secondary	disclosure@vulncheck.com

CWE ID: CWE-22

Type: Secondary

Source: disclosure@vulncheck.com

References

Hyperlink	Source	Resource
https://apps.apple.com/us/app/owlfiles-file-manager/id510282524	disclosure@vulncheck.com	Product
https://www.exploit-db.com/exploits/51036	disclosure@vulncheck.com	Exploit
https://www.skyjos.com/	disclosure@vulncheck.com	Product
https://www.vulncheck.com/advisories/owlfiles-file-manager-path-traversal	disclosure@vulncheck.com	Third Party Advisory
https://www.exploit-db.com/exploits/51036	134c704f-9b21-4f2e-91b3-4a467353bcc0	Exploit