PT-2023-2472 · Nextcloud · Nextcloud Server
Reported by Nickvergessen · Published 2023-03-27 · Updated 2023-04-18 · CVE-2023-26482
CVSS v3.1: 9.0 (Critical)
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Nextcloud Server versions prior to 24.0.10
Nextcloud Server versions prior to 25.0.4
Description
The vulnerability stems from missing scope validation in Nextcloud Server: the server did not verify that a user creating a workflow was allowed to use the requested scope, so regular users could create workflows intended for administrators only. Some workflow operations can lead to remote code execution (RCE), for example by running scripts or generating PDFs on the server; whether RCE is reachable depends on which workflow apps are installed, and the combination of available apps can result in RCE.
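To make the missing check concrete, the following is an added illustration and not Nextcloud's own code: a hypothetical workflow registry in PHP (the language Nextcloud Server is written in) with a user scope and an admin scope. The unchecked variant trusts the scope the caller asks for, which is the class of defect the advisory describes; the hardened variant refuses admin-scope rules from non-admins and refuses operations that are not permitted in the requested scope. All class and method names, and the operation identifiers, are constructed for this example.

```php
<?php
// Added illustration of scope validation for workflow rules (hypothetical
// code, not Nextcloud's own API). Requires PHP >= 8.1 for enums/readonly.
declare(strict_types=1);

enum Scope: string
{
    case ADMIN = 'admin'; // server-wide rules; may include dangerous operations
    case USER  = 'user';  // rules restricted to the creating user's own files
}

final class User
{
    public function __construct(
        public readonly string $uid,
        public readonly bool $isAdmin,
    ) {}
}

final class WorkflowOperation
{
    /** @param Scope[] $allowedScopes scopes in which this operation may be used */
    public function __construct(
        public readonly string $id,
        public readonly array $allowedScopes,
    ) {}
}

final class WorkflowManager
{
    /** @var array<string, WorkflowOperation> */
    private array $operations = [];
    /** @var array<int, array{owner:string, op:string, scope:string}> */
    private array $rules = [];

    public function registerOperation(WorkflowOperation $op): void
    {
        $this->operations[$op->id] = $op;
    }

    // VULNERABLE variant: the caller-supplied scope is stored without checking
    // whether this user is entitled to it or whether the operation is allowed
    // in that scope. A regular user can thereby register an admin-only rule.
    public function createRuleUnchecked(User $user, string $opId, Scope $scope): array
    {
        $rule = ['owner' => $user->uid, 'op' => $opId, 'scope' => $scope->value];
        $this->rules[] = $rule;
        return $rule;
    }

    // HARDENED variant: validate the scope against the user's role and the
    // operation's allowed scopes before persisting anything.
    public function createRule(User $user, string $opId, Scope $scope): array
    {
        $op = $this->operations[$opId]
            ?? throw new InvalidArgumentException("unknown operation: $opId");

        if ($scope === Scope::ADMIN && !$user->isAdmin) {
            throw new RuntimeException(
                "user {$user->uid} is not permitted to create admin-scope rules");
        }
        if (!in_array($scope, $op->allowedScopes, true)) {
            throw new RuntimeException(
                "operation $opId is not available in scope {$scope->value}");
        }

        $rule = ['owner' => $user->uid, 'op' => $opId, 'scope' => $scope->value];
        $this->rules[] = $rule;
        return $rule;
    }

    public function rules(): array
    {
        return $this->rules;
    }
}

// Constructed demo: an operation that executes server-side commands is
// registered as admin-only; a harmless tagging operation is allowed anywhere.
$mgr = new WorkflowManager();
$mgr->registerOperation(new WorkflowOperation('run_script', [Scope::ADMIN]));
$mgr->registerOperation(new WorkflowOperation('add_tag', [Scope::ADMIN, Scope::USER]));

$alice = new User('alice', isAdmin: false);

// Unchecked path: the non-admin ends up with an admin-scope script rule.
$mgr->createRuleUnchecked($alice, 'run_script', Scope::ADMIN);

// Checked path: the same request is rejected, while a legitimate one succeeds.
try {
    $mgr->createRule($alice, 'run_script', Scope::ADMIN);
} catch (RuntimeException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
$mgr->createRule($alice, 'add_tag', Scope::USER);
echo count($mgr->rules()), " rule(s) stored\n"; // 2: one from the unchecked path, one legitimate
```

The defensive point is that both conditions are needed: the user's role must permit the scope, and the scope must permit the operation. Checking only one of them leaves a path for a low-privilege account to reach operations that were designed for administrators.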
Recommendations
For Nextcloud Server versions prior to 24.0.10, upgrade to 24.0.10.
For Nextcloud Server versions prior to 25.0.4, upgrade to 25.0.4.
For users unable to upgrade, disable the workflow scripts and workflow PDF converter apps as a mitigation.
Exploit · Fix
Tags: RCE, OS Command Injection
Affected Products
Alt Linux
Nextcloud Server
Red Os