Описание
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Одно из
EPSS
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
Open-source ARJ archiver 3.10.22 does not properly remove leading slas ...
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
EPSS
5.8 Medium
CVSS2