4 matches found
CVE-2020-11534
An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary such as curl or wget and remotely execute code on a victim's server...
CVE-2020-11534
An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary such as curl or wget and remotely execute code on a victim's server...
CVE-2020-11534
An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary such as curl or wget and remotely execute code on a victim's server...
CVE-2020-11534
ONLYOFFICE Document Server 5.5.0 is affected by CVE-2020-11534. The issue arises from NSFileDownloader handling crafted .docx input, allowing parameters to be passed to a binary (e.g., curl or wget) and enabling remote code execution on the server. The available sources describe the impact as rem...