high
7.5
CWE
22
Advisory Published
Updated

CVE-2023-25579: Directory traversal in Nextcloud server

First published: Wed Feb 22 2023(Updated: )

Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation of paths outside of ones own space and overwriting data from other users with crafted paths. This issue has been addressed in versions 25.0.2, 24.0.8, and 23.0.12. Users are advised to upgrade. There are no known workarounds for this issue.

Credit: security-advisories@github.com

Affected SoftwareAffected VersionHow to fix
Nextcloud Nextcloud Server<23.0.12
Nextcloud Nextcloud Server>=20.0.0<20.0.14
Nextcloud Nextcloud Server>=21.0.0<21.0.9
Nextcloud Nextcloud Server>=22.2.0<22.2.10
Nextcloud Nextcloud Server>=23.0.0<23.0.12
Nextcloud Nextcloud Server>=24.0.0<24.0.8
Nextcloud Nextcloud Server>=24.0.0<24.0.8
Nextcloud Nextcloud Server>=25.0.0<25.0.2
Nextcloud Nextcloud Server>=25.0.0<25.0.2

Remedy

https://github.com/nextcloud/server/pull/35074

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID for this Nextcloud server vulnerability?

    The vulnerability ID for this Nextcloud server vulnerability is CVE-2023-25579.

  • What is the severity of CVE-2023-25579?

    The severity of CVE-2023-25579 is high with a severity value of 7.5.

  • What software versions are affected by CVE-2023-25579?

    The affected versions of Nextcloud server for CVE-2023-25579 are versions up to 23.0.12, 20.0.0 to 20.0.14 (enterprise), 21.0.0 to 21.0.9 (enterprise), 22.2.0 to 22.2.10 (enterprise), 23.0.0 to 23.0.12 (enterprise), 24.0.0 to 24.0.8, and 25.0.0 to 25.0.2 (enterprise).

  • How does CVE-2023-25579 impact Nextcloud server?

    CVE-2023-25579 impacts Nextcloud server by allowing the creation of paths outside of the defined storage directory, potentially enabling unauthorized access to sensitive files.

  • Is there a fix available for CVE-2023-25579?

    Yes, a fix is available for CVE-2023-25579. Users should update Nextcloud server to a version that includes the fix.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203