Main Vulnerability Database Exploits ID:9446 - Exploit for Improper Authentication in ownCloud Server - CVE-2023-49105

ID:9446 - Exploit for Improper Authentication in ownCloud Server - CVE-2023-49105

Published: December 19, 2023

Vulnerability identifier: #VU83563

Vulnerability risk: High

CVE-ID: CVE-2023-49105

CWE-ID: CWE-287

Exploitation vector: Remote access

Vulnerable software:
ownCloud Server

Link to public exploit:

https://github.com/ambionics/owncloud-exploits

Vulnerability description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in WebDAV API. A remote attacker can bypass authentication process using Pre-Signed URLs and compromise the affected system.

Remediation

Install updates from vendor's website.

ID:9446 - Exploit for Improper Authentication in ownCloud Server - CVE-2023-49105

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human