Cloud Security, Identity, Threat Intelligence

Data, validation compromise likely with critical ownCloud bugs

SecurityWeek reports that threat actors could leverage critical vulnerabilities in the open-source file-sharing software ownCloud to expose sensitive data and to bypass authentication and validation checks. The most serious of the identified flaws is a maximum-severity bug affecting the graphapi app, which could expose phpinfo data, including ownCloud admin passwords, license keys, mail server credentials, and other web server environment variables, according to an advisory from ownCloud, which noted that remediating the issue requires changing the admin password, the Object-Store/S3 access key, and the mail server and database credentials. Exploitation of the second flaw, an authentication bypass in the WebDAV API, could allow files to be accessed, altered, or removed without any authentication, while the third could be leveraged to evade subdomain validation. "Within the oauth2 app an attacker is able to pass in a specially crafted redirect-URL which bypasses the validation code and thus allows the attacker to redirect callbacks to a TLD controlled by the attacker," said ownCloud.
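The third flaw is a classic OAuth2 redirect-URL validation failure: a check that matches the registered host loosely (substring or suffix) accepts a host such as `app.example.com.attacker.tld`, so the authorization code is delivered to the attacker's domain. The example below is added here for illustration and is not ownCloud's code; the client registrations, hostnames and function names are constructed. It contrasts a weak substring check with a strict comparison of scheme, host, port, path and query, and shows how to permit subdomains without reopening the bypass (a dot-anchored suffix match rather than a bare `endswith`).

```python
from urllib.parse import urlsplit

# Constructed sample client registrations (assumed values, not from any real deployment).
REGISTERED_CLIENTS = {
    "client-a": {"redirect_uri": "https://app.example.com/oauth/callback", "allow_subdomains": False},
    "client-b": {"redirect_uri": "https://example.org/cb", "allow_subdomains": True},
}


def weak_is_allowed(client_id: str, candidate: str) -> bool:
    """Deliberately weak check, shown only to demonstrate the failure mode.

    Matching the registered host as a substring accepts hosts like
    'app.example.com.attacker.tld' and 'xapp.example.com'.
    """
    client = REGISTERED_CLIENTS.get(client_id)
    if client is None:
        return False
    reg_host = urlsplit(client["redirect_uri"]).hostname or ""
    try:
        cand_host = urlsplit(candidate).hostname or ""
    except ValueError:
        return False
    return reg_host in cand_host


def strict_is_allowed(client_id: str, candidate: str) -> bool:
    """Strict redirect-URI validation: every component must match what was registered."""
    client = REGISTERED_CLIENTS.get(client_id)
    if client is None:
        return False
    reg = urlsplit(client["redirect_uri"])
    try:
        cand = urlsplit(candidate)
        cand_port = cand.port          # raises ValueError on a malformed port
        cand_host = cand.hostname or ""  # urlsplit already lowercases hostnames
    except ValueError:
        return False

    # Only the registered scheme, and only https, is acceptable for callbacks.
    if cand.scheme != reg.scheme or cand.scheme != "https":
        return False
    # 'https://app.example.com@attacker.tld/' puts the trusted name in userinfo; reject it.
    if cand.username is not None or cand.password is not None:
        return False
    # Fragments are never part of a registered redirect URI.
    if cand.fragment:
        return False
    if not cand_host:
        return False

    reg_host = reg.hostname or ""
    if client["allow_subdomains"]:
        # Dot-anchored suffix: 'api.example.org' matches, 'evil-example.org' and
        # 'example.org.attacker.tld' do not.
        host_ok = cand_host == reg_host or cand_host.endswith("." + reg_host)
    else:
        host_ok = cand_host == reg_host
    if not host_ok:
        return False

    # Port, path and query must be exactly what was registered.
    if cand_port != reg.port:
        return False
    if cand.path != reg.path or cand.query != reg.query:
        return False
    return True


if __name__ == "__main__":
    for uri in (
        "https://app.example.com/oauth/callback",
        "https://app.example.com.attacker.tld/oauth/callback",
        "https://xapp.example.com/oauth/callback",
    ):
        print(f"{uri}: weak={weak_is_allowed('client-a', uri)} strict={strict_is_allowed('client-a', uri)}")
```

The weak function is included only to make the bypass visible side by side; a production authorization server should store redirect URIs exactly as registered and compare them component by component as `strict_is_allowed` does, treating any mismatch as a hard failure rather than falling back to a default redirect.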
