
Vulnerability Details CVE-2022-30333

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
Exploit Prediction Scoring System (EPSS) Score
EPSS Score 0.913
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Proposed Action
RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.
Ransomware Campaign
Known
Products affected by CVE-2022-30333
  • Rarlab » Unrar » Version: 0.0.1
    cpe:2.3:a:rarlab:unrar:0.0.1
  • Rarlab » Unrar » Version: 5.5.4
    cpe:2.3:a:rarlab:unrar:5.5.4
  • Rarlab » Unrar » Version: 5.5.6
    cpe:2.3:a:rarlab:unrar:5.5.6
  • Rarlab » Unrar » Version: 5.6.1.2
    cpe:2.3:a:rarlab:unrar:5.6.1.2
  • Rarlab » Unrar » Version: 5.6.1.3
    cpe:2.3:a:rarlab:unrar:5.6.1.3
  • Rarlab » Unrar » Version: 6.0.3
    cpe:2.3:a:rarlab:unrar:6.0.3
  • Debian » Debian Linux » Version: 10.0
    cpe:2.3:o:debian:debian_linux:10.0
  • Linux » Linux Kernel » Version: N/A
    cpe:2.3:o:linux:linux_kernel:-
  • Opengroup » Unix » Version: N/A
    cpe:2.3:o:opengroup:unix:-

Shodan ® - All rights reserved