Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
onlyoffice document server 5.5.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-11535
An issue exists in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit XML injection to enter an attacker-controlled parameter into the x2t binary, to rewrite this binary and/or libxcb.so.1, and execute code on a victim's server.
Onlyoffice Document Server 5.5.0
668
VMScore
CVE-2020-11534
An issue exists in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary (such as curl or wget) and remotely execute code on a victim's server.
Onlyoffice Document Server 5.5.0
668
VMScore
CVE-2020-11536
An issue exists in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the unzip function to rewrite a binary and remotely execute code on a victim's server.
Onlyoffice Document Server 5.5.0
668
VMScore
CVE-2020-11537
A SQL Injection issue exists in ONLYOFFICE Document Server 5.5.0. An attacker can execute arbitrary SQL queries via injection to DocID parameter of Websocket API.
Onlyoffice Document Server 5.5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started