CVE-2022-50890

CVE Database · CVE-2022-50890

CVE-2022-50890

· HIGHAnalyzed

CVSS v3.1

7.5

CVSS v4.0

8.7

EPSS

0.93%

Published

Jan 13, 2026

Modified

Jan 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting GET requests with directory traversal sequences to access restricted system directories on the device.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-22

Affected Products (6)

skyjos · owlfilesvulnerable

apple · ipados

apple · iphone_os

apple · macos

apple · tvos

apple · visionos

References (5)