lib/Controller/ExtractionController.php in the Extract add-on prior to 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameters).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nextcloud extract |