ownCloud Vulnerability Exploited in Mass Attacks
Security researchers have identified a severe vulnerability in ownCloud, an open-source filesharing server app, that allows hackers to gain full control of vulnerable servers. The vulnerability, rated with a severity score of 10, enables attackers to obtain passwords and cryptographic keys by sending a simple web request to a static URL. Researchers have observed "mass exploitation" of the vulnerability, with the number of IP addresses attempting to exploit it steadily increasing. While some experts believe the threat may be limited due to specific conditions required for exploitation, there are still concerns given the large number of ownCloud servers in use. ownCloud has also recently fixed two other high-severity vulnerabilities. Users are advised to follow mitigation steps provided by ownCloud to protect their systems.
- ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation Ars Technica
- Experts warn of critical ownCloud vulnerability being exploited The Record from Recorded Future News
- Exploitation of Critical ownCloud Vulnerability Begins SecurityWeek
- Critical ownCloud flaw under attack (CVE-2023-49103) Help Net Security
- Trio of major holes in ownCloud expose admin passwords, allow unauthenticated file mods The Register
Reading Insights
0
0
4 min
vs 5 min read
86%
902 → 123 words
Want the full story? Read the original article
Read on Ars Technica