Security News > 2023 > November > Hackers start exploiting critical ownCloud flaw, patch now

Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments.
Of the three flaws, CVE-2023-49103 received a maximum CVSS severity score of 10.0 as it allows a remote threat actor to execute phpinfo() through the ownCloud 'graphapi' app, which reveals the server's environment variables, including credentials stored within them.
"In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key," reads the CVE-2023-49103 advisory.
Leveraging CVE-2023-49103 for data theft attacks isn't complicated, and threat actors have already been discovered exploiting the flaw in attacks.
Php' file, disable the 'phpinfo' function in Docker containers, and change potentially exposed secrets like the ownCloud admin password, mail server, database credentials, and Object-Store/S3 access keys.
Critical bug in ownCloud file sharing app exposes admin passwords.
News URL
Related news
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Critical flaw in Next.js lets hackers bypass authorization (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw (source)
- Critical FortiSwitch flaw lets hackers change admin passwords remotely (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-21 | CVE-2023-49103 | Unspecified vulnerability in Owncloud Graph API 0.2.0/0.3.0 An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. | 7.5 |