CVE-2025-53830

CRITICAL

Anti-Virus for ownCloud < 1.2.3 - Server-Side Request Forgery

Title source: manual
STIX 2.1

Description

Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery (SSRF). This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade ownCloud 10 to version 10.15.3 or later or upgrade Anti-Virus for ownCloud 10 to version 1.2.3 or later to receive a fix.

References (1)

Core 1
Core References

Scores

CVSS v3 9.1
EPSS 0.0026
EPSS Percentile 17.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-918
Status published
Products (2)
owncloud/Anti-Virus for ownCloud < 1.2.3
owncloud/ownCloud 10 < 10.15.3
Published Jul 06, 2026
Tracked Since Jul 06, 2026