CVE-2022-30333

Related Files

UnRAR Path Traversal

Posted Sep 12, 2024

Authored by Ron Bowes, Simon Scannell | Site metasploit.com

This Metasploit module creates a RAR file that exploits CVE-2022-30333, which is a path-traversal vulnerability in unRAR that can extract an arbitrary file to an arbitrary location on a Linux system. UnRAR fixed this vulnerability in version 6.12 (open source version 6.1.7). The core issue is that when a symbolic link is unRARed, Windows symbolic links are not properly validated on Linux systems and can therefore write a symbolic link that points anywhere on the filesystem. If a second file in the archive has the same name, it will be written to the symbolic link path.

tags | exploit, arbitrary

systems | linux, windows

advisories | CVE-2022-30333

SHA-256 | 2df85540ffe31bd6abf8706295866ebd1d381d12c36e4680836b772ead8e9445

Download | Favorite | View

Ubuntu Security Notice USN-6569-1

Posted Jan 9, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6569-1 - it was discovered that libclamunrar incorrectly handled directories when extracting RAR archives. A remote attacker could possibly use this issue to overwrite arbitrary files and execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that libclamunrar incorrectly validated certain structures when extracting RAR archives. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary

systems | linux, ubuntu

advisories | CVE-2022-30333, CVE-2023-40477

SHA-256 | b81771e4d8b0760cfe218cfa3429b18ca1622f8f2c85cd6d4ac1ca217536f86f

Download | Favorite | View

Gentoo Linux Security Advisory 202309-04

Posted Sep 18, 2023

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202309-4 - An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution. Versions greater than or equal to 6.23 are affected.

tags | advisory, arbitrary, code execution

systems | linux, gentoo

advisories | CVE-2022-30333, CVE-2023-40477

SHA-256 | 5a06e6649971fc4849f8ff18bd2becdac0040f6dd14b63af1af82e010cf3ebcb

Download | Favorite | View

Zimbra UnRAR Path Traversal

Posted Aug 5, 2022

Authored by Ron Bowes, Simon Scannell | Site metasploit.com

This Metasploit module creates a RAR file that can be emailed to a Zimbra server to exploit CVE-2022-30333. If successful, it plants a JSP-based backdoor in the public web directory, then executes that backdoor. The core vulnerability is a path-traversal issue in unRAR that can extract an arbitrary file to an arbitrary location on a Linux system. This issue is exploitable on Zimbra Collaboration versions 9.0.0 Patch 24 and below and 8.8.15 Patch 31 and below provided that UnRAR versions 6.11 or below are installed.

tags | exploit, web, arbitrary

systems | linux

advisories | CVE-2022-30333

SHA-256 | ca0f5b8e2038241415fba603b901534752f2529d4c8d1c1134f97e76d1935fef

Download | Favorite | View