Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path traversal allows tricking the Talk Android app into writing files into it's root directory
Vulnerability Description
Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intend allowed malicious third party apps to trick the Talk Android app into writing files outside of its intended cache directory. Nextcloud Talk Android version 17.0.0 has a patch for this issue. No known workarounds are available.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Nextcloud Talk 路径遍历漏洞
Vulnerability Description
Nextcloud Talk是德国Nextcloud公司的一款自托管的本地音频/视频和聊天通信服务。 Nextcloud Talk 17.0.0之前版本存在路径遍历漏洞。攻击者利用该漏洞在其预期缓存目录之外写入文件。
CVSS Information
N/A
Vulnerability Type
N/A