NextcloudPi is a ready to use image for Virtual Machines, Raspberry Pi, Odroid HC1, Rock64 and other boards. A command injection vulnerability in NextCloudPi allows command execution as the root user via the NextCloudPi web-panel. Due to a security misconfiguration this can be used by anyone with access to NextCloudPi web-panel, no authentication is required. It is recommended that the NextCloudPi is upgraded to 1.53.1.
                
            Metrics
Affected Vendors & Products
References
        History
                    No history.
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-29T15:57:57.034Z
Updated: 2024-08-02T01:32:05.394Z
Reserved: 2024-03-26T12:52:00.933Z
Link: CVE-2024-30247
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-07-31T20:54:44.109Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2024-03-29T16:15:09.130
Modified: 2025-05-07T17:35:00.107
Link: CVE-2024-30247
 Redhat
                        Redhat
                    No data.