CVE-2022-30333

CVSS 7.5 HIGH · EPSS 99.0% · ● KEV · CWE-22 · CWE-59
In short

UnRAR versions before 6.12 on Linux and UNIX have a flaw that lets attackers write files outside the intended folder when extracting RAR archives, potentially creating or modifying sensitive files like SSH keys. This could allow unauthorized access to a system.

Technical detail

A path traversal vulnerability (CWE-22, combined with improper symbolic link resolution, CWE-59) in UnRAR before 6.12 on Linux/UNIX allows an arbitrary file write during extraction of a specially crafted RAR archive. An attacker who gets such an archive extracted on the target can write to locations outside the extraction directory (e.g., ~/.ssh/authorized_keys), bypassing the intended directory constraint and enabling unauthorized access or privilege escalation.

Summary generated and translated by AI from the official description.
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected products
n/a · n/a
⚠ Public resources for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
