ownCloud vulnerability gives access to admin password

A vulnerability in the storage software ownCloud allows attackers to capture admin passwords and attacks have now been seen in the wild. Nextcloud is not affected by the vulnerability.

ownCloud already posted about the vulnerability last week, and security company GreyNoise says that exploits targeting it have been seen in the wild. Those attacks seem to have little chance of success: according to security researcher Will Dormann, the exploit tries to use a URI that does not exist and would only work on systems running in a container anyway.

The vulnerability allows plaintext data to be requested via a phpinfo function in the ‘graphapi’. ownCloud advises users to change passwords and other private data anyway. The phpinfo function is also disabled. Nextcloud, which is affiliated with ownCloud, says it is not affected by this vulnerability.
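
A defender's check for the request pattern described above, as an added example that is not from the original article or from ownCloud: it scans web-server access logs for requests whose path names both `graphapi` and `phpinfo`, and separates probes that received a 2xx answer from those that failed. The Combined Log Format, the sample lines and the `EXAMPLE` path segment are assumptions; the article does not give the actual URI.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Assumed input: Combined Log Format (client, timestamp, request line, status, size).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def is_probe(target: str) -> bool:
    """True when the decoded request path names both graphapi and phpinfo."""
    path = target.split("?", 1)[0]            # ignore the query string
    path = unquote(unquote(path)).lower()     # normalise single and double encoding
    return "graphapi" in path and "phpinfo" in path

def triage(lines):
    """Group probes per client: 'exposed' (2xx answer) or 'failed' (any other status)."""
    report = defaultdict(lambda: {"exposed": [], "failed": []})
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_probe(m["target"]):
            continue
        bucket = "exposed" if m["status"].startswith("2") else "failed"
        report[m["ip"]][bucket].append((m["ts"], m["target"], int(m["status"])))
    return dict(report)

# Constructed sample lines: documentation-range IPs, placeholder paths.
SAMPLE = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /graphapi/EXAMPLE/phpinfo.php HTTP/1.1" 404 153',
    '203.0.113.9 - - [01/Jan/2024:10:05:00 +0000] '
    '"GET /GraphAPI/EXAMPLE/%70hpinfo.php HTTP/1.1" 200 71234',
    '192.0.2.4 - - [01/Jan/2024:10:06:00 +0000] '
    '"GET /index.php/login HTTP/1.1" 200 5120',
    '192.0.2.4 - - [01/Jan/2024:10:07:00 +0000] '
    '"GET /search?q=graphapi+phpinfo HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, hits in triage(SAMPLE).items():
        for ts, target, status in hits["exposed"]:
            print(f"EXPOSED {ip} {ts} {target} -> {status}: rotate credentials")
        for ts, target, status in hits["failed"]:
            print(f"probe   {ip} {ts} {target} -> {status}")
```

A hit in the `exposed` bucket means the server answered the request, which is the case where the advice to change passwords and other private data applies most directly.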

OwnCloud 2.0