If the Nextcloud server is running an affected version, it is recommended to upgrade to the latest version. Nextcloud is a secure, easy-to-use and powerful self-hosted cloud file share and calendar. It can be used by individuals and small businesses for storage and communication between employees, or as an online backup for photos and documents. Nextcloud can also be an interesting option for large enterprises that want to give employees access to company files from their own devices, without the need to install software on company computers.

What is the Nextcloud vulnerability?

The vulnerability affects the web server and a Nextcloud client that is not running on the Nextcloud server. The vulnerability allows an attacker to send crafted HTTP requests to the web server.
Affected versions:
Versions prior to 12.0.8, 12.0.9, 13.0.3, 13.0.4

Installation instructions:

1. Open the Nextcloud web interface
2. Click on "Settings" in the top left corner
3. Click on "Installing & updating"
4. Hit "Install new version"
5. Select the latest release from the list and click "Install now"
6. After installation is complete, wait for a minute for the system to reboot
7. The setup wizard appears
8. Follow the instructions and make your first backup in Nextcloud

The Nextcloud server is running an affected version and should be upgraded to the latest version. If your server is running a vulnerable version, it should also be patched with the appropriate fix for CVE-2022-39211.

What is the Nextcloud security issue?

A security issue has been discovered in the Nextcloud device plugin for Synology DiskStation Manager (DSM). The Nextcloud device plugin is exposed to a potential attack vector, which could lead to remote code execution.
If you are using Synology DSM and you have configured your Nextcloud server with a Synology account, please upgrade to the latest version of the Nextcloud server.
In order to take advantage of all features of Synology DSM, you should configure the Server URL in the following way: https://server_name:port/nextcloud/

Nextcloud version 12.0 was released on 13th of July and is affected by a vulnerability which can be exploited by malicious users to gain root privileges on the Nextcloud server. The vulnerability has been fixed in version 12.0.1, which should be installed as soon as possible.
In order to ensure that all Nextcloud servers stay safe and secure, upgrading to the latest version is strongly recommended.

Timeline

Published on: 09/16/2022 23:15:00 UTC
Last modified on: 09/21/2022 14:53:00 UTC
