CVE-2021-25830 – A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4 …

1 March 2021

Vuln ID: CVE-2021-25830

Published: 2021-03-01 16:15:14Z

Description: A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an attacker can achieve remote code execution on DocumentServer.

Source: NVD.NIST.GOV

Date:

1 March 2021

Categorie(s):

NVD

Tag(s):

NVD

Feds Bust Privacy-Centric Samourai Wallet Over BTC Money Laundering26 April 2024
NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication26 April 2024
Enhancing Cybersecurity Defenses: The role of Voice Cloning in Penetration Testing26 April 2024
Ensuring the Security and Efficiency of Web Applications and Systems26 April 2024
Integrated Residential Security Solutions to Employ in 202426 April 2024