Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
owncloudOwnCloudOC-SA-2015-017
HistorySep 30, 2015 - 4:53 p.m.

Server: Command injection when using external SMB storage

2015-09-3016:53:51
owncloud.org
35

EPSS

0.005

Percentile

76.1%

JSON

The external legacy SMB storage (not using php-libsmbclient) of ownCloud was not properly neutralizing all special elements which allows an adversary to execute arbitrary SMB commands.

Effectively this allows an attacker to gain access to any file on the system or overwrite it, potentially leading to a PHP code execution.

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0

Related

owncloud 1
prion 1
cvelist 1
nvd 1
ubuntucve 1
openvas 1
cve 1
owncloud
owncloud
Command injection when using external SMB storage - ownCloud
2015-09-30 18:53:46
prion
prion
Command injection
2015-10-21 18:59:00
cvelist
cvelist
CVE-2015-7698
2015-10-21 18:00:00
nvd
nvd
CVE-2015-7698
2015-10-21 18:59:06
ubuntucve
ubuntucve
CVE-2015-7698
2015-10-21 00:00:00
openvas
openvas
ownCloud <= 8.1.1 RCE Vulnerability (oC-SA-2015-017)
2021-09-21 00:00:00
cve
cve
CVE-2015-7698
2015-10-21 18:59:06

EPSS

0.005

Percentile

76.1%

JSON
Related for OC-SA-2015-017
owncloud1prion1cvelist1nvd1ubuntucve1openvas1cve1