CVE-2025-53829 PUBLISHED

ownCloud 10 is vulnerable to Relative Path Traversal

Assigner: GitHub_M
Reserved: 09.07.2025 Published: 06.07.2026 Updated: 06.07.2026

ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive a patch.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVSS Score: 8

Product Status

Vendor owncloud
Product ownCloud 10
Versions
  • Version < 10.15.3 is affected

References

Problem Types

  • CWE-23: Relative Path Traversal CWE