{"uuid": "937df8d7-9948-4e58-9609-c1f321f2880f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49105", "type": "seen", "source": "https://t.me/CipherAgents/1347352", "content": "#owncloud\n\nFor owncloud there was a cool CVE-2023-49105\n\nSploit is implemented as a proxy that signs requests and you can go through it to dav:// using the Filezilla client, Cyberduck, in short, whoever uses what.\n\nFirst we install ten, launch the proxy, but don\u2019t enjoy it.\n\nBecause out of the box the sploit didn't work for me, clients apparently can't parse the response correctly.\nAnd I simply output the response from the proxy via print(response.text), and collected a list of files. The files themselves can be obtained via curl/wget/browser, since a GET request is enough to download files.\n\nLike wget localhost:8800/remote.php/dav/files/admin/Report.7z\n\nYou can quickly check whether owncloud is vulnerable via another CVE-2023-49103:\n/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/webpwn.css\n\nIf phpinfo() opened, then most likely the system was not updated, and these CVEs appeared nearby.", "creation_timestamp": "2024-08-16T17:53:42.000000Z"}