diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json index 72def9d51a..9dd7b0ee69 100644 --- a/db/modules_metadata_base.json +++ b/db/modules_metadata_base.json @@ -122311,6 +122311,67 @@ "session_types": false, "needs_cleanup": null }, + "exploit_unix/webapp/nextcloud_workflows_rce": { + "name": "Nextcloud Workflows Remote Code Execution", + "fullname": "exploit/unix/webapp/nextcloud_workflows_rce", + "aliases": [], + "rank": 600, + "disclosure_date": "2023-03-30", + "type": "exploit", + "author": [ + "Enis Maholli", + "arianitisufi", + "Armend Gashi", + "whotwagner" + ], + "description": "This module adds workflows as an authenticated user\n which can only be created by administrators by design.\n If the app \"Nextcloud Workflow Script\" is installed it\n is possible to generate a workflow that executes commands.", + "references": [ + "URL-https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h3c9-cmh8-7qpj", + "CVE-2023-26482" + ], + "platform": "Linux,Unix", + "arch": "", + "rport": 80, + "autofilter_ports": [ + 80, + 8080, + 443, + 8000, + 8888, + 8880, + 8008, + 3000, + 8443 + ], + "autofilter_services": [ + "http", + "https" + ], + "targets": [ + "nix Command" + ], + "mod_time": "2025-05-15 09:16:26 +0000", + "path": "/modules/exploits/unix/webapp/nextcloud_workflows_rce.rb", + "is_install_path": true, + "ref_name": "unix/webapp/nextcloud_workflows_rce", + "check": true, + "post_auth": true, + "default_credential": false, + "notes": { + "Stability": [ + "crash-safe" + ], + "Reliability": [ + "repeatable-session" + ], + "SideEffects": [ + "artifacts-on-disk", + "ioc-in-logs" + ] + }, + "session_types": false, + "needs_cleanup": null + }, "exploit_unix/webapp/open_flash_chart_upload_exec": { "name": "Open Flash Chart v2 Arbitrary File Upload", "fullname": "exploit/unix/webapp/open_flash_chart_upload_exec",