A popular device and application used by millions of individuals and businesses around the world to store documents is vulnerable to a zero-click flaw, a group of Dutch researchers have discovered.