
๐Ÿ  Team IT Security News




📚 Nextcloud: Allows any user to share their "Root" level folder by sharing "."


💡 News category: Security vulnerabilities
🔗 Source: vulners.com


There seems to be a bug in the "File to Share" feature of Nextcloud Talk. This allows any authenticated user/admin to share their "root" level folder by manipulating the "path" parameter in the JSON body of the request to the remote API `/nextcloud/ocs/v2.php/apps/files_sharing/api/v1/shares`.

Steps to reproduce:

1. Create a new user account with no permissions/shared files.
2. In the admin account enable Nextcloud Talk (spreed).
3. Invite the new user to the chat.
4. Click on the file symbol in the chat window.
5. The "file to share" dialog window will pop up.
6. Select any folder from the admin account.
7. Capture that HTTP POST request in Burp Repeater.
8. Change `"path":"/<folder_name>"` to `"path":"."`, which indicates the root level of the folder tree.

You might get a 403, but if you look at the chat window on the user side you will see the admin "root" folder shared to the user. This also works if you create a group chat and follow the same steps.

Expected request:

```http
POST /nextcloud/ocs/v2.php/apps/files_sharing/api/v1/shares HTTP/1.1
Host: [removed]
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=utf-8
requesttoken: [removed]
Content-Length: 82
Origin: [removed]
Connection: close
Cookie: [removed]; oc_sessionPassphrase=[removed]; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true; nc_username=[removed];...
...
```
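The root cause described above is a path comparison that treats `"."` as an ordinary folder name while the filesystem layer resolves it to the user's root. As an added example (not from the report and not Nextcloud's own code; all function names are constructed), the kind of server-side check that closes this class of bug: canonicalise the client-supplied path before comparing it to the root, and refuse before anything is persisted, so a rejected request cannot leave a share behind.

```python
import posixpath

# Constructed illustration of a share-path check; not Nextcloud's implementation.
ROOT = "/"


def canonical_path(raw: str) -> str:
    """Resolve a client-supplied share path relative to the user's root folder."""
    if not isinstance(raw, str) or "\x00" in raw:
        raise ValueError("path must be a string without NUL bytes")
    # Anchor at the root and collapse ".", "..", repeated and trailing slashes,
    # so ".", "./", "Photos/.." and "/" all canonicalise to "/".
    return posixpath.normpath("/" + raw.strip().lstrip("/"))


def naive_is_root(raw: str) -> bool:
    """The weak check: a literal comparison that "." slips straight past."""
    return raw in ("", "/")


def hardened_is_root(raw: str) -> bool:
    """Compare only after canonicalisation, so every spelling of root is caught."""
    return canonical_path(raw) == ROOT


def create_share(raw_path: str, share_store: list) -> dict:
    """Validate first, persist second: a refused request stores nothing."""
    path = canonical_path(raw_path)
    if path == ROOT:
        raise PermissionError("refusing to share the root folder")
    share = {"path": path}
    share_store.append(share)
    return share


if __name__ == "__main__":
    for candidate in ["Documents", ".", "./", "Photos/..", "/", "..//."]:
        print(f"{candidate!r:12} naive={naive_is_root(candidate)!s:5} "
              f"hardened={hardened_is_root(candidate)}")
```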


