📦

files_antivirus

Vendor: owncloud

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 2 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.63% Exploit Prob.

Latest CVE CVE-2021-33828 Jan 15

Security Vulnerability Index

Page 1 / 1

8.8 CVSS

CVE-2021-33828

RCE

The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.

EPSS: 0.54%

Severity: HIGH

Jan 15, 2022

7.2 CVSS

CVE-2021-33827

RCE

The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.

EPSS: 1.16%

Severity: HIGH

Jan 15, 2022

5.7 CVSS

CVE-2020-16144

When using an object storage like S3 as the file store, when a user creates a public link to a folder where anonymous users can upload files, and another user uploads a virus the files antivirus app would detect the virus but fails to delete it due to permission issues. This affects the files_antivirus component versions before 0.15.2 for ownCloud.

EPSS: 0.18%

Severity: MEDIUM

Feb 09, 2021

Displaying 3 of 3 Total Entries

Total 1 Sections