
CVE-2021-37617

Date: August 18, 2021

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. During installation, the Nextcloud Desktop Client invokes its uninstaller script to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches for the "Uninstall.exe" file in a folder that can be written to by regular users. A malicious user could therefore create a malicious "Uninstall.exe", which would be executed with administrative privileges during the Nextcloud Desktop Client installation. This issue is fixed in Nextcloud Desktop Client version 3.3.0. As a workaround, do not allow untrusted users to create content in the "C:\" system folder, and verify that there is no malicious "C:\Uninstall.exe" file on the system.
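The workaround above can be checked before running an affected installer with a short PowerShell audit. This is an added example, not code from Nextcloud or from this advisory; the trusted-SID list and the output fields are assumptions chosen for illustration.

```powershell
# Added example: audit for the CVE-2021-37617 workaround. Not Nextcloud code.
$root   = 'C:\'                              # folder named in the advisory
$target = Join-Path $root 'Uninstall.exe'    # file named in the advisory

# Principals treated as trusted here (assumption): SYSTEM, Administrators, TrustedInstaller
$trusted = @(
    'S-1-5-18',
    'S-1-5-32-544',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)
$sidType     = [System.Security.Principal.SecurityIdentifier]
$createFiles = [System.Security.AccessControl.FileSystemRights]::CreateFiles
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

# Check 1: an Uninstall.exe sitting in the root. Report who owns it and whether it is signed.
if (Test-Path -LiteralPath $target -PathType Leaf) {
    $sig   = Get-AuthenticodeSignature -LiteralPath $target
    $owner = (Get-Acl -LiteralPath $target).Owner
    $hash  = (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
    [pscustomobject]@{
        Finding = 'Uninstall.exe present in root'
        Path    = $target
        Detail  = "owner=$owner; signature=$($sig.Status); sha256=$hash"
    }
}

# Check 2: ACEs that let a non-administrative principal create files in the root itself.
foreach ($ace in (Get-Acl -LiteralPath $root).Access) {
    if ($ace.AccessControlType -ne 'Allow')            { continue }
    if ($ace.PropagationFlags -band $inheritOnly)      { continue }  # applies to children only
    if (-not ($ace.FileSystemRights -band $createFiles)) { continue }
    try   { $sid = $ace.IdentityReference.Translate($sidType).Value }
    catch { $sid = $ace.IdentityReference.Value }       # unresolvable account: keep the name
    if ($trusted -notcontains $sid) {
        [pscustomobject]@{
            Finding = 'Non-admin principal can create files in root'
            Path    = $root
            Detail  = "$($ace.IdentityReference.Value) ($sid): $($ace.FileSystemRights)"
        }
    }
}
```

No output means neither condition was found; any object returned should be reviewed before the installer is run with administrative privileges.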

Language: C++

Severity Score


Weakness Type (CWE)

Uncontrolled Search Path Element

CWE-427

Untrusted Search Path

CWE-426

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL