Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution within Collabora Online jail with Macros Enabled
Vulnerability Description
Collabora Online is a collaborative online office suite based on LibreOffice. Macro support is disabled by default in Collabora Online, but can be enabled by an administrator. Collabora Online typically hosts each document instance within a jail and is allowed to download content from locations controlled by the net.lok_allow configuration option, which by default include the private IP ranges to enable access to the local network. If enabled, macros were allowed run executable binaries. By combining an ability to host executables, typically in the local network, in an allowed accessible location, with a macro enabled Collabora Online, it was then possible to install arbitrary binaries within the jail and execute them. These executables are restricted to the same jail file system and user as the document instance but can be used to bypass the additional limits on what network hosts are accessible and provide more flexibility as a platform for further attempts. This is issue is fixed in 24.04.12.4, 23.05.19, 22.05.25 and later macros.
CVSS Information
N/A
Vulnerability Type
从非可信控制范围包含功能例程
Vulnerability Title
Collabora Online 安全漏洞
Vulnerability Description
Collabora Online是英国Collabora公司的一个应用软件。一个强大的基于 LibreOffice 的在线办公室,支持所有主要的文档、电子表格和演示文件格式。 Collabora Online 24.04.12.4、23.05.19、22.05.25及之前版本存在安全漏洞,该漏洞源于宏功能允许在jail中执行任意二进制文件,可能导致绕过网络访问限制。
CVSS Information
N/A
Vulnerability Type
N/A