Bypassing File Firewall (oC-SA-2020-002)

Aug 10, 2020

Bypassing File Firewall

(oC-SA-2020-002)

Platform: ownCloud Server

Versions:

Date: 8/3/2020

– Risk: Low
– CVSS v3 Base Score: 1.6
– CVSS v3 Vector: AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:N
– CWE ID: CWE-791
– CWE Name: Incomplete Filtering of Special Elements

Description

When a share to a folder with upload rights was created it was possible
to upload files of a type which were disallowed by the firewall.

Affected

– File Firewall < 2.8.0

Action taken

Correctly detect file type also for public shares.

Your secure file platform

Boost your productivity and enable collaboration within your organization. 

Install Server

The backbone of secure file sharing

Start Online

Our software as a service solution. Hosted securely in Germany.
Ready in a glimpse.

Download Mobile Apps

Bring your productivity game to the next level. Download our Android or iOS app from the app stores.