CVE-2022-48579

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 7, 2023

Updated: Aug 17, 2023

CWE ID 59

Summary

CVE-2022-48579 is a vulnerability affecting UnRAR before version 6.2.3. Hackers can exploit this issue by creating symlink chains during the extraction process, allowing files to be extracted to unintended directories outside of the designated destination folder. This poses a risk for unauthorized access or data leakage if sensitive files are involved. Users are advised to update to the latest version of UnRAR to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

UnRAR

Affected Vendors

RARlab

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sP3oio
https://www.cve.org/CVERecord?id=CVE-2022-48579
https://nvd.nist.gov/vuln/detail/CVE-2022-48579

Back to Vulnerability Database