CVE-2023-25579

Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation of paths outside of ones own space and overwriting data from other users with crafted paths. This issue has been addressed in versions 25.0.2, 24.0.8, and 23.0.12. Users are advised to upgrade. There are no known workarounds for this issue.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*

History

21 Nov 2024, 07:49

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 6.0
References () https://github.com/nextcloud/security-advisories/security/advisories/GHSA-273v-9h7x-p68v - Vendor Advisory () https://github.com/nextcloud/security-advisories/security/advisories/GHSA-273v-9h7x-p68v - Vendor Advisory
References () https://github.com/nextcloud/server/pull/35074 - Patch () https://github.com/nextcloud/server/pull/35074 - Patch

Information

Published : 2023-02-22 19:15

Updated : 2024-11-21 07:49


NVD link : CVE-2023-25579

Mitre link : CVE-2023-25579

CVE.ORG link : CVE-2023-25579


JSON object : View

Products Affected

nextcloud

  • nextcloud_server
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')