PT-2025-49269 · Nextcloud+1 · Nextcloud Server+1
Published
2025-12-05
·
Updated
2026-01-29
·
CVE-2025-66552
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Nextcloud Server versions prior to 30.0.9
Nextcloud Server versions prior to 31.0.1
Description
An issue exists in Nextcloud Server and Enterprise Server related to incorrect path handling with groupfolders. This resulted in the
admin audit app failing to log all actions on files and folders within groupfolders.Recommendations
Update Nextcloud Server to version 30.0.9 or later.
Update Nextcloud Server to version 31.0.1 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nextcloud Server
Red Os