Skip to main content

ownCloud Core EUVDEUVD-2025-210431

| CVE-2025-53827 CRITICAL
Exposed Dangerous Method or Function (CWE-749)
2026-07-06 GitHub_M
9.1
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
vuln.today AI
9.1 CRITICAL

Network-reachable admin function invoked without user interaction (AV:N/AC:L/UI:N); requires admin privileges (PR:H); host code execution beyond the app yields scope change and full C/I/A loss.

3.1 AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Patch available
Jul 06, 2026 - 17:01 EUVD
Analysis Generated
Jul 06, 2026 - 16:37 vuln.today

DescriptionCVE.org

ownCloud Core is the server-side component of the file storage, synchronization, and sharing application ownCloud Classic. In versions prior to 10.15.3, the Updater on ownCloud 10 before 10.15.3 has an exposed dangerous method or function. Attackers with administrative privileges may leverage functionality to execute arbitrary code. This issue has been fixed in version 10.15.3.

AnalysisAI

Arbitrary code execution in ownCloud Core (ownCloud 10 Classic server, all versions before 10.15.3) allows an administrator to abuse an exposed dangerous method in the Updater component to run code on the server host. Any actor holding administrative credentials - legitimately, or via session hijack/credential theft/CSRF against an admin - can convert web-app admin rights into full server compromise. No public exploit identified at time of analysis and it is not listed in CISA KEV; the vendor-issued GHSA-hvcx-ph66-mmvw advisory and the fix in 10.15.3 are the primary confirmation.

Technical ContextAI

ownCloud Core is the PHP server backend of the ownCloud Classic file sync-and-share platform. The flaw is classed as CWE-749 (Exposed Dangerous Method or Function): the built-in Updater exposes functionality that performs privileged operations (fetching, writing, and executing update code paths) without adequately restricting how or by whom it can be invoked. Because updater logic typically runs within the web server process and can write/execute files on disk, an exposed entry point into it effectively becomes a code-execution primitive. The affected component is identified by CPE cpe:2.3:a:owncloud:owncloud_core:*:*:*:*:*:*:*:* covering all builds prior to 10.15.3.

RemediationAI

Vendor-released patch: upgrade ownCloud Core to version 10.15.3, which the vendor states fixes this issue; consult the advisory at https://github.com/owncloud/security-advisories/security/advisories/GHSA-hvcx-ph66-mmvw. Until the upgrade is applied, reduce exposure by tightly restricting administrative access: enforce strong and unique admin credentials with multi-factor authentication, limit the number of admin accounts, and place the admin interface behind network access controls or a VPN so it is not reachable from untrusted networks (trade-off: added friction for legitimate remote administration). Where feasible, restrict or disable the built-in Updater workflow and perform updates via the controlled command-line/manual path instead (trade-off: loss of web-based one-click updating), and monitor admin sessions for anomalous update-triggering activity.

Share

EUVD-2025-210431 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy