Remote Code Execution Vulnerability in Netatalk by System Administration
CVE-2022-23125

9.8CRITICAL

Key Information:

Vendor

Netatalk

Status
Netatalk
Vendor
CVE Published:
28 March 2023

What is CVE-2022-23125?

This vulnerability in Netatalk allows remote attackers to execute arbitrary code on vulnerable installations without authentication. The flaw occurs within the copyapplfile function, where user-supplied data is improperly validated before being copied into a pre-allocated buffer. This oversight can be exploited by attackers to run code with root privileges, posing significant security risks to the affected systems.

Affected Version(s)

Netatalk 5.18.117

References

https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html
https://www.zerodayinitiative.com/advisories/ZDI-22-526/
https://lists.debian.org/debian-lts-announce/2023/05/msg0...
mailing-list

EPSS Score

32% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Theori (@theori_io)
.