CVE-2022-30333

high-risk
Published 2022-05-09

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

Do I need to act?

!
92.8% chance of exploitation in next 30 days
EPSS score — higher than 7% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (2)

Unrar

Affected Vendors

Debian Rarlab

References (13)

Exploit http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html
Exploit https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
Mailing List https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html
Third Party Advisory https://security.gentoo.org/glsa/202309-04
Patch https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
Product https://www.rarlab.com/rar_add.htm
Exploit http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html
Exploit https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
Mailing List https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html
Third Party Advisory https://security.gentoo.org/glsa/202309-04
Patch https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
Product https://www.rarlab.com/rar_add.htm
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-...
60
/ 100
high-risk
Severity 26/34 · High
Exploitability 27/34 · High
Exposure 7/34 · Low