Unrated severityNVD Advisory· Published Oct 21, 2015· Updated May 6, 2026

CVE-2015-7698

Description

icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the (1) listShares function in Server.php or the (2) connect or (3) read function in Share.php.

Affected products

OwnCloud/Owncloud
cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
Range: <=8.1.1
OwnCloud/Smb
cpe:2.3:a:owncloud:smb:*:*:*:*:*:*:*:*
Range: <=1.0.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/icewind1991/SMB/commit/33ab10cc4d5c3e48cba3a074b5f9fc67590cd032nvdVendor Advisory
owncloud.org/security/advisory/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000