Back to overview

CVE-2025-53829

HIGH
8.0
CVSS 3.1
Description
ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive a patch.

Metadata

CVE ID
CVE-2025-53829
State
PUBLISHED
Assigner
GitHub_M
Reserved
2025-07-09 14:14 UTC
Published
2026-07-06 14:46 UTC
Last updated
2026-07-06 15:41 UTC
Primary CWE
CWE-23
CWE-23: Relative Path Traversal
Vendor / Product
owncloud / ownCloud 10
Sources
cve.org  ·  NVD

Severity & Metrics

8.0 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
total
Affected products (1)
VendorProductPlatformVersions
owncloud ownCloud 10 < 10.15.3
Weakness (CWE)
CWESourceDescription
CWE-23 cna CWE-23: Relative Path Traversal
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.0 HIGH 3.1 cna CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
References (1)
Back to overview