Critical Unauthenticated File Upload Vulnerability in RSFiles! Fixed

Critical Unauthenticated File Upload Vulnerability in RSFiles! Fixed

First seen 10 Jul 2026, 22:41 UTC Mysites.Guruwww.rsjoomla.comcwe.mitre.orgcheatsheetseries.owasp.orgwww.cvedetails.com 89% similarity 72.2

Article Content

Browse articles
ThreatCluster

A severe unauthenticated file upload vulnerability was discovered in RSFiles! up to version 1.17.11, allowing attackers to upload malicious files, including .php scripts, to the public downloads directory. This flaw enables remote code execution without authentication, posing a significant risk to Joomla sites using RSFiles!. RSJoomla released a patch in version 1.17.12 on July 10, 2026, urging users to update immediately. The vulnerability was identified during a source code audit and has been privately disclosed, with a CVE request pending. Administrators are advised to check for unauthorized files and accounts post-update. The exploit is expected to be actively targeted following the public disclosure of the vulnerability.

Key Points: • RSFiles! versions up to 1.17.11 are vulnerable to unauthenticated file uploads. • Attackers can execute uploaded .php files, leading to remote code execution. • Immediate update to version 1.17.12 is critical to mitigate risks.

ThreatCluster AI

Timeline

2007-08-23
CVE-2007-4504 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-07-10
RSFiles! version 1.17.12 released
RSJoomla released a patch fixing the critical unauthenticated file upload vulnerability.
Mysites.Guru
2026-07-10
Vulnerability disclosed
The unauthenticated file upload vulnerability was privately disclosed to RSJoomla before the patch release.
Mysites.Guru
2026-07-11
Public advisory issued
RSJoomla published an advisory urging users to update to the latest version immediately due to the disclosed vulnerability.
RSJoomla

Community

Browse all →