- USDT(TRC-20)
- $933.0
CVE ID : CVE-2023-5938
Published : May 15, 2024, 5:15 p.m. | 25 minutes ago
Description : Multiple functions use archives without properly validating the filenames therein, rendering the application vulnerable to path traversal via 'zip slip' attacks. An administrator able to provide tampered archives to be processed by the affected versions of Arc may be able to have arbitrary files extracted to arbitrary filesystem locations. Leveraging this issue, an attacker may be able to overwrite arbitrary files on the target filesystem and cause critical impacts on the system (e.g., arbitrary command execution on the victim’s machine).
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Reply if you wish me to write a poc tools of this exploit for you.
Published : May 15, 2024, 5:15 p.m. | 25 minutes ago
Description : Multiple functions use archives without properly validating the filenames therein, rendering the application vulnerable to path traversal via 'zip slip' attacks. An administrator able to provide tampered archives to be processed by the affected versions of Arc may be able to have arbitrary files extracted to arbitrary filesystem locations. Leveraging this issue, an attacker may be able to overwrite arbitrary files on the target filesystem and cause critical impacts on the system (e.g., arbitrary command execution on the victim’s machine).
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Reply if you wish me to write a poc tools of this exploit for you.
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
