Nextcloud Server and Enterprise Server Unprotected Endpoint Vulnerability Allowing Request Proxying

Vulnerability

A vulnerability exists in Nextcloud Server versions prior to 28.0.13, 29.0.10, and 30.0.3, and in Nextcloud Enterprise Server versions prior to 28.0.13, 29.0.10, and 30.0.3. The issue arises from a currently unused endpoint intended to verify a share recipient, which was not properly secured. Because the endpoint was reachable without adequate protection, it could be used to proxy requests to another server. The vulnerable endpoint has been removed in the patched versions listed above.

Impact

Exploitation of this vulnerability could have allowed unauthorized request proxying through the Nextcloud instance to another server, potentially enabling further attacks or data exposure.

Remediation

Users are advised to upgrade Nextcloud Server to version 28.0.13, 29.0.10, or 30.0.3, depending on the release branch in use. Nextcloud Enterprise Server users should likewise upgrade to version 28.0.13, 29.0.10, or 30.0.3.
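The following is an added example, not part of the advisory and not Nextcloud's own code: a small triage helper that maps reported Nextcloud version strings onto the affected ranges stated above. It assumes that unlisted branches older than 28 are "prior to 28.0.13" and therefore affected, and that branches newer than 30 are not; the sample version strings are constructed.

```python
"""Classify Nextcloud Server versions against the fixed versions in this advisory."""
import re

# Fixed versions from the advisory, keyed by major release branch.
FIXED_VERSIONS = {
    28: (28, 0, 13),
    29: (29, 0, 10),
    30: (30, 0, 3),
}


def parse_version(text):
    """Extract the first x.y.z version from a string (e.g. '29.0.9' or '30.0.2.5').

    A fourth component, as used in some Nextcloud builds, is ignored because the
    advisory states its boundaries with three components only.
    """
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not match:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version_text):
    """Return True if the version still contains the unprotected endpoint."""
    version = parse_version(version_text)
    major = version[0]
    if major in FIXED_VERSIONS:
        # Same branch as a listed fix: affected only if below that fixed version.
        return version < FIXED_VERSIONS[major]
    if major < min(FIXED_VERSIONS):
        # Assumption: an older, unlisted branch predates every fix listed.
        return True
    # Assumption: a branch newer than any listed is not "prior to" the fixes.
    return False


def triage(version_texts):
    """Map each reported version string to 'affected' or 'patched'."""
    return {text: ("affected" if is_affected(text) else "patched")
            for text in version_texts}


# Constructed sample input: version strings as reported by several hosts.
SAMPLE_VERSIONS = ["28.0.12", "28.0.13", "29.0.9", "30.0.3", "30.0.2.5"]

if __name__ == "__main__":
    for version, verdict in triage(SAMPLE_VERSIONS).items():
        print(f"{version}: {verdict}")
```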

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.2
impact: 0.6
exploitability: 7.6
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.