Arbitrary File Overwriting and Remote Code Execution in ONLYOFFICE DocumentServer

Arbitrary File Overwriting and Remote Code Execution in ONLYOFFICE DocumentServer

CVE-2021-25833 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code execution on DocumentServer.

Learn more about our Cis Benchmark Audit For Microsoft Office.