{"id":"CVE-2021-37617","details":"The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches for the `Uninstall.exe` file in a folder that can be written by regular users. This could lead to a case where a malicious user creates a malicious `Uninstall.exe`, which would be executed with administrative privileges when the Nextcloud Desktop Client is installed. This issue is fixed in Nextcloud Desktop Client version 3.3.0. As a workaround, do not allow untrusted users to create content in the `C:\\` system folder and verify that there is no malicious `C:\\Uninstall.exe` file on the system.","modified":"2026-03-13T22:00:45.320954Z","published":"2021-08-18T18:15:08.063Z","related":["GHSA-6q2w-v879-q24v"],"references":[{"type":"ADVISORY","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6q2w-v879-q24v"},{"type":"REPORT","url":"https://hackerone.com/reports/1240749"},{"type":"FIX","url":"https://github.com/nextcloud/desktop/pull/3497"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nextcloud/desktop","events":[{"introduced":"78da725ac38e1508e5800d02fd1700a4e43b1088"},{"fixed":"acf3bf0959fc83393b71fbeed5b7633cab0f0d9d"}],"database_specific":{"versions":[{"introduced":"3.0.3"},{"fixed":"3.3.0"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37617.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}