CVE-2015-4718

Name of the Vulnerable Software and Affected Versions ownCloud Server versions 6.0.0 through 6.0.7 ownCloud Server versions 7.0.0 through 7.0.5 ownCloud Server versions 8.0.0 through 8.0.3

Description The issue allows remote authenticated users to execute arbitrary SMB commands via a ; (semicolon) character in a file. This is due to the lack of neutralization of special elements used in the operating system command. Exploitation of the issue may allow a remote attacker to execute arbitrary SMB commands.

Recommendations For ownCloud Server versions 6.0.0 through 6.0.7, update to version 6.0.8 or later. For ownCloud Server versions 7.0.0 through 7.0.5, update to version 7.0.6 or later. For ownCloud Server versions 8.0.0 through 8.0.3, update to version 8.0.4 or later.