CVE-2022-4510

{"id": "CVE-2022-4510", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "research@onekey.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-01-26T21:18:06.547", "references": [{"url": "https://github.com/ReFirmLabs/binwalk/pull/617", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "research@onekey.com"}, {"url": "https://security.gentoo.org/glsa/202309-07", "source": "research@onekey.com"}, {"url": "https://github.com/ReFirmLabs/binwalk/pull/617", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202309-07", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "research@onekey.com", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "\nA path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction,\u00a0would extract a malicious binwalk module into the folder .config/binwalk/plugins.\n This vulnerability is associated with program files src/binwalk/plugins/unpfs.py.\n\nThis issue affects binwalk from 2.1.2b through 2.3.3 included.\n\n"}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad de path traversal en binwalk de ReFirm Labs desde la versi\u00f3n 2.1.2b hasta la 2.3.3 incluidas. Mediante la creaci\u00f3n de un archivo de sistema de archivos PFS malicioso, un atacante puede hacer que el extractor PFS de binwalk extraiga archivos en ubicaciones arbitrarias cuando binwalk se ejecuta en modo de extracci\u00f3n (opci\u00f3n -e). Se puede lograr la ejecuci\u00f3n remota de c\u00f3digo creando un sistema de archivos PFS que, al extraerlo, extraiga un m\u00f3dulo malicioso de binwalk en la carpeta .config/binwalk/plugins. Esta vulnerabilidad est\u00e1 asociada a los archivos de programa src/binwalk/plugins/unpfs.py. Este problema afecta a binwalk desde la versi\u00f3n 2.1.2b hasta la 2.3.3 incluidas."}], "lastModified": "2024-11-21T07:35:24.413", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:binwalk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0573243-9C2F-4B14-8188-A01F9457D408", "versionEndExcluding": "2.3.3", "versionStartIncluding": "2.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "research@onekey.com"}