112 matches found
Binwalk
This is an implementation of the Binwalk firmware analysis tool in Rust, written for speed and accuracy. Binwalk can identify and optionally extract files and data embedded inside other files, with a focus on firmware analysis. It supports a wide variety of file and data types and can even help...
Linux Distros Unpatched Vulnerability : CVE-2022-4510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an...
Linux Distros Unpatched Vulnerability : CVE-2021-4287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file...
SUSE CVE-2022-4510
A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode -e option. Remot...
Fedora 37 : binwalk (2022-a36ba48049)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-a36ba48049 advisory. Security fix for CVE-2021-4287 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...
OPENSUSE-SU-2024:12649-1 binwalk-2.3.3-2.1 on GA media
These are all security issues fixed in the binwalk-2.3.3-2.1 package on the GA media of openSUSE Tumbleweed...
Binwalk: Multiple Vulnerabilities
Background Binwalk is a tool for identifying files embedded inside firmware images. Description Multiple vulnerabilities have been discovered in Binwalk. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround The...
GLSA-202309-07 : Binwalk: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202309-07 Binwalk: Multiple Vulnerabilities - A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get...
Binwalk 2.3.2 Remote Command Execution
Exploit Title: Binwalk v2.3.2 - Remote Command Execution RCE Exploit Author: Etienne Lacoche CVE-ID: CVE-2022-4510 import os import inspect import argparse print"" print"" print"------------------CVE-2022-4510----------------" print"" print"--------Binwalk Remote Command Execution--------"...
Binwalk v2.3.2 - Remote Command Execution Exploit
Exploit Title: Binwalk v2.3.2 - Remote Command Execution RCE Exploit Author: Etienne Lacoche CVE-ID: CVE-2022-4510 import os import inspect import argparse print"" print"" print"------------------CVE-2022-4510----------------" print"" print"--------Binwalk Remote Command Execution--------"...
Binwalk v2.3.2 - Remote Command Execution (RCE)
Exploit Title: Binwalk v2.3.2 - Remote Command Execution RCE Exploit Author: Etienne Lacoche CVE-ID: CVE-2022-4510 import os import inspect import argparse print"" print"" print"------------------CVE-2022-4510----------------" print"" print"--------Binwalk Remote Command Execution--------"...
Mageia: Security Advisory (MGASA-2023-0074)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Path Traversal
binwalk is vulnerable to Path Traversal. By crafting a malicious PFS file, an attacker is able to get the PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode which may result in remote code executions...
MGASA-2023-0074 Updated binwalk packages fix security vulnerability
Remote code execution using crafted PFS filesystem. CVE-2022-4510...
Updated binwalk packages fix security vulnerability
Remote code execution using crafted PFS filesystem. CVE-2022-4510...
Debian: Security Advisory (DLA-3339-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3339 : binwalk - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3339 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3339-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3339-1] binwalk security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3339-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk February 23, 2023 https://wiki.debian.org/LTS -...
DLA-3339-1 binwalk - security update
Bulletin has no description...
SUSE CVE-2021-4287
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the...