PHP arbitrary class instantiation in "files_external" - ownCloud

2015-09-30T18:54:55
ID OWNCLOUD:E25472B99B9DB49F6C4029F91E615002
Type owncloud
Reporter Robin McCorkell – ownCloud Inc. (rmccorkell@owncloud.com) – Vulnerability discovery and disclosure.
Modified 2018-01-03T18:55:36

Description

A user may instantiate arbitrary ownCloud classes because the mount point options provided by the user via the web front end are not properly checked. These options may include constructor arguments and could potentially lead to remote code execution.

Affected Software

Action Taken

The mount points are now properly validated in the controller before being stored.
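
The kind of check described above, as an added illustration that is not ownCloud's own code: a mount definition is validated against an allowlist of backend classes and option keys before it is stored or instantiated. The class names, the `validateMount` function, the option keys and the sample submissions are all hypothetical and constructed for this example (PHP 8).

```php
<?php
declare(strict_types=1);

// Hypothetical storage backends; names are assumptions, not ownCloud classes.
final class ExampleSftpStorage { public function __construct(public array $options) {} }
final class ExampleLocalStorage { public function __construct(public array $options) {} }

// Unsafe pattern of the kind the advisory describes: the class name and
// constructor arguments come straight from the request.
//   $storage = new $mount['class']($mount['options']);

// Allowlist: backend class => option keys it accepts.
const ALLOWED_BACKENDS = [
    ExampleSftpStorage::class  => ['host', 'user', 'root'],
    ExampleLocalStorage::class => ['datadir'],
];

/** Validate a user-submitted mount definition before it is stored. */
function validateMount(array $mount): array
{
    $class = $mount['class'] ?? null;
    $options = $mount['options'] ?? null;
    if (!is_string($class) || !is_array($options)) {
        throw new InvalidArgumentException('malformed mount definition');
    }
    $class = ltrim($class, '\\');
    if (!array_key_exists($class, ALLOWED_BACKENDS)) {
        throw new InvalidArgumentException('storage backend not on allowlist');
    }
    foreach ($options as $key => $value) {
        if (!in_array($key, ALLOWED_BACKENDS[$class], true) || !is_string($value)) {
            throw new InvalidArgumentException('unexpected option');
        }
    }
    return ['class' => $class, 'options' => $options];
}

// Constructed sample submissions.
$samples = [
    ['class' => 'ExampleSftpStorage', 'options' => ['host' => 'files.example.test', 'user' => 'alice']],
    ['class' => 'ArrayObject', 'options' => ['flags' => '0']], // real class, not a backend
];
foreach ($samples as $mount) {
    try {
        $ok = validateMount($mount);
        echo get_class(new $ok['class']($ok['options'])), " accepted\n";
    } catch (InvalidArgumentException $e) {
        echo $mount['class'], ' rejected: ', $e->getMessage(), "\n";
    }
}
```

The lookup is an exact, case-sensitive match against the allowlist keys, so a class that merely exists and is autoloadable is never constructed from user input.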

Acknowledgements

The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:

  • Robin McCorkell - ownCloud Inc. (rmccorkell@owncloud.com) - Vulnerability discovery and disclosure.