26 Jan 2023
Vulnérabilité CVE-2022-4510 CVE Vulnerability
A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins. This vulnerability is associated with program files src/binwalk/plugins/unpfs.py. This issue affects binwalk from 2.1.2b through 2.3.3 included. (CVSS:0.0) (Last Update:2023-02-06)
Vulnerability Details : A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins. This vulnerability is associated with program files src/binwalk/plugins/unpfs.py. This issue affects binwalk from 2.1.2b through 2.3.3 included. Publish Date : 2023-01-26 Last Update Date : 2023-02-06 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2022-4510
- Number Of Affected Versions By Product
- References For CVE-2022-4510
| |||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2022-4510There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |