PaulLereverend
commented
5 years ago Hi,
Do you have the latest version of the app ? What type of archive are you trying to uncompress ? Is it working with an admin ?
Closed hdbreaker closed 5 years ago
PaulLereverend
commented
5 years ago Hi,
Do you have the latest version of the app ? What type of archive are you trying to uncompress ? Is it working with an admin ?
hdbreaker
commented
5 years ago I'm using docker image: . docker run -d -p 8080:80 nextcloud with Extract add-on v1.1.1
hdbreaker
commented
5 years ago I was able to solve the problem, also I want to send our post about how we detect the RCE Vulnerability CVE-2019-12739 in the extract plugin v1.1.1: https://www.secsignal.org/news/a-tale-of-rce-nextcloud-extract-app/
PaulLereverend
commented
5 years ago I know that the admin issue came out on previous version of this plugin, that's why I asked you if you used the latest version of the app. I was aware about this security issue and I fixed it on version 1.2 a month ago. In order to be safe, everyone must keep his apps up to date in NC app center.
Hi Paul,
I am having the following issue when a normal user tries to uncompress a file: {"message":"Logged in user must be an admin"}