CVE-2025-53829

HIGH

ownCloud 10 is vulnerable to Relative Path Traversal

Title source: cna
STIX 2.1

Description

ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive a patch.

References (1)

Core 1
Core References

Scores

CVSS v3 8.0
EPSS 0.0034
EPSS Percentile 25.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-23
Status published
Products (1)
owncloud/ownCloud 10 < 10.15.3
Published Jul 06, 2026
Tracked Since Jul 06, 2026