CVE-2024-52513

Nextcloud Server's Attachments folder for Text app is accessible on "Files drop" and "Password protected" shares

CVSS 2.6 LOWEPSS 0.5%CWE-200

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 2.6EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

15 Nov 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Nextcloud Server is a self hosted personal cloud system. After receiving a "Files drop" or "Password protected" share link a malicious user was able to download attachments that are referenced in Text files without providing the password. It is recommended that the Nextcloud Server is upgraded to 28.0.11, 29.0.8 or 30.0.1 and Nextcloud Enterprise Server is upgraded to 25.0.13.13, 26.0.13.9, 27.1.11.9, 28.0.11, 29.0.8 or 30.0.1.

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

Affected products

nextcloud · security-advisories

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-gxph-5m4j-pfmj https://github.com/nextcloud/text/commit/ca24b25c93b81626b4e457c260243edeab5f1548 https://github.com/nextcloud/text/pull/6485 https://hackerone.com/reports/2376900