CVE-2023-32749

HIGH

Pydio Cells < 3.0.12 - Unauthenticated Privilege Escalation via External User Role Assignment

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2023-32749. PoCs published by RedTeam Pentesting GmbH, alaeddine03, xcr-19.

AI-analyzed exploit summary This exploit demonstrates unauthorised role assignments in Pydio Cells 4.1.2 and earlier by creating a new user with elevated privileges via a modified HTTP PUT request. It leverages the ability to assign all available roles to a newly created user, enabling privilege escalation.

Description

Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted.

Exploits (3)

exploitdb WORKING POC
by RedTeam Pentesting GmbH · textwebappsgo
https://www.exploit-db.com/exploits/51496

This exploit demonstrates unauthorised role assignments in Pydio Cells 4.1.2 and earlier by creating a new user with elevated privileges via a modified HTTP PUT request. It leverages the ability to assign all available roles to a newly created user, enabling privilege escalation.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Pydio Cells 4.1.2 and earlier
Auth required
Prerequisites: Valid user credentials to obtain a JWT token · Access to the Pydio Cells web interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by alaeddine03 · poc
https://github.com/alaeddine03/CVE-2023-32749-PoC

The repository contains a functional Python script that exploits CVE-2023-32749, allowing a low-privileged authenticated user to create a new external user with all roles assigned in Pydio Cells. The exploit leverages improper role assignment validation to escalate privileges.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Pydio Cells <= 4.1.2
Auth required
Prerequisites: Authenticated session with a valid Bearer token · Network access to the Pydio Cells instance
devstral-2 · analyzed Apr 10, 2026 Full analysis →
nomisec WORKING POC
by xcr-19 · poc
https://github.com/xcr-19/CVE-2023-32749

This PoC exploits CVE-2023-32749 in Pydio Cells to create a new user account with elevated privileges by leveraging a valid credential. It interacts with the REST API to authenticate, retrieve user UUIDs, and create a new user with all available roles.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Pydio Cells (version not specified, likely <= 4.1.2)
Auth required
Prerequisites: Valid user credentials · Access to the Pydio Cells REST API
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 8.8
EPSS 0.1420
EPSS Percentile 96.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-863
Status published
Products (1)
pydio/cells < 3.0.12
Published Jun 08, 2023
Tracked Since Feb 18, 2026