CVE-2022-4510

2023-01-2621:18:06

CWE-22

[email protected]

web.nvd.nist.gov

cve-2022-4510

refirm labs

binwalk

path traversal

vulnerability

remote code execution

pfs filesystem

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.267 Low

EPSS

Percentile

96.8%

JSON

A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk’s PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins.
This vulnerability is associated with program files src/binwalk/plugins/unpfs.py.

This issue affects binwalk from 2.1.2b through 2.3.3 included.

Affected configurations

NVD

Node

microsoftbinwalkRange2.2.0–2.3.3

CPENameOperatorVersion
microsoft:binwalkmicrosoft binwalklt2.3.3

CPE	Name	Operator	Version
microsoft:binwalk	microsoft binwalk	lt	2.3.3

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "PFS extractor"
    ],
    "packageName": "binwalk",
    "platforms": [
      "Linux",
      "MacOS"
    ],
    "product": "binwalk",
    "programFiles": [
      "https://github.com/ReFirmLabs/binwalk/blob/11a9bcd4451c4e5ff5db5abbc0df06e7b8838568/src/binwalk/plugins/unpfs.py"
    ],
    "repo": "https://github.com/ReFirmLabs/binwalk/",
    "vendor": "Refirm Labs",
    "versions": [
      {
        "lessThanOrEqual": "2.3.3",
        "status": "affected",
        "version": "2.1.2b",
        "versionType": "2.1.2b"
      }
    ]
  }
]