Plexus Archiver vulnerable to Arbitrary File Creation in AbstractUnArchiver
CVE-2023-37460

8.1 HIGH

Key Information:

Vendor:
CVE Published: 25 July 2023

What is CVE-2023-37460?

Plexus Archiver is a collection of Plexus components for creating archives and extracting them into a directory. Before version 4.8.0 it is vulnerable to arbitrary file creation, and therefore to potential remote code execution, when it extracts an untrusted archive that contains a dangling symbolic link (a link whose target does not yet exist). The resolveFile() check in AbstractUnArchiver is meant to reject entries that would land outside the destination directory, but for a dangling symlink it returns the path of the link itself, which lies inside the destination, rather than the path the link points to. The containment check therefore passes, and the subsequent Files.newOutputStream() call follows the link and writes the entry's content to the link target, which can be any path the extracting process may write (a shell profile, a cron entry, a file on a classpath), which is how file creation turns into code execution.

A hostile archive typically carries two entries with the same name: first a symlink pointing outside the destination, then a regular file whose content is written through that link.

Users must update to plexus-archiver 4.8.0 or later. The library is usually pulled in transitively, both as a project dependency and inside Maven plugins that unpack or assemble archives, so check the resolved version with `mvn dependency:tree -Dincludes=org.codehaus.plexus:plexus-archiver` and, because plugin dependencies are resolved separately, `mvn dependency:resolve-plugins`. Until upgraded, do not extract archives from untrusted sources with this library, or extract as a user that has no write access outside the destination directory.
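The following added example is not plexus-archiver code; it is an illustration written for this page of the two-step bypass described above and of one way to close it. The method names vulnerableWrite and hardenedWrite, the temporary directories (standing in for the extraction destination and an attacker-chosen target such as a dotfile directory), and the payload bytes are all constructed for the demo. It relies on Java's File.getCanonicalPath() behaviour on Unix, where a dangling link cannot be realpath()'d and the unresolved last component is appended to the canonical parent, and on Files.newOutputStream() following symlinks by default; run it on Linux or macOS.

```java
import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;

// Added illustration (not plexus-archiver code) of the dangling-symlink bypass
// and one hardening. It only touches two freshly created temporary directories.
public class DanglingSymlinkDemo {

    // Flawed pattern: canonical-path containment check, then a write that follows
    // symlinks. For a dangling link, getCanonicalPath() cannot resolve the target,
    // so it returns destDir/entryName and the prefix check passes.
    static void vulnerableWrite(File destDir, String entryName, byte[] content) throws IOException {
        File target = new File(destDir, entryName);
        String destPrefix = destDir.getCanonicalPath() + File.separator;
        if (!target.getCanonicalPath().startsWith(destPrefix)) {
            throw new IOException("entry escapes destination: " + entryName);
        }
        try (OutputStream out = Files.newOutputStream(target.toPath())) { // follows the link
            out.write(content);
        }
    }

    // Hardened pattern: confirm the real parent directory is inside the destination,
    // refuse an existing symlink at the entry path, and open with NOFOLLOW_LINKS so
    // a link swapped in between the check and the write is rejected by the OS.
    static void hardenedWrite(File destDir, String entryName, byte[] content) throws IOException {
        Path dest = destDir.toPath().toRealPath();
        Path target = dest.resolve(entryName).normalize();
        Path parent = target.getParent();
        // toRealPath() throws if the parent does not exist yet: fail closed.
        if (parent == null || !parent.toRealPath().startsWith(dest)) {
            throw new IOException("entry escapes destination: " + entryName);
        }
        if (Files.isSymbolicLink(target)) {
            throw new IOException("refusing to write through symlink: " + entryName);
        }
        try (OutputStream out = Files.newOutputStream(target,
                StandardOpenOption.CREATE, StandardOpenOption.WRITE,
                StandardOpenOption.TRUNCATE_EXISTING, LinkOption.NOFOLLOW_LINKS)) {
            out.write(content);
        }
    }

    public static void main(String[] args) throws IOException {
        Path dest = Files.createTempDirectory("extract-dest");
        Path outside = Files.createTempDirectory("outside"); // stands in for e.g. ~/.ssh
        Path escaped = outside.resolve("pwned.txt");
        byte[] payload = "attacker content\n".getBytes(StandardCharsets.UTF_8); // constructed

        // Archive entry 1: symlink "link" -> <outside>/pwned.txt; dangling, target absent.
        Files.createSymbolicLink(dest.resolve("link"), escaped);

        // Archive entry 2: regular file "link". The flawed extractor writes through the link.
        vulnerableWrite(dest.toFile(), "link", payload);
        System.out.println("vulnerable: file created outside destination? " + Files.exists(escaped));

        Files.delete(escaped);
        try {
            hardenedWrite(dest.toFile(), "link", payload);
            System.out.println("hardened: write succeeded (unexpected)");
        } catch (IOException e) {
            System.out.println("hardened: rejected -> " + e.getMessage());
        }
        System.out.println("hardened: file created outside destination? " + Files.exists(escaped));
    }
}
```

The first run prints true for the vulnerable path and false for the hardened one. Note that the classic Zip Slip check (canonicalising and comparing prefixes) does catch `../` entries; the symlink case slips through only because the link is dangling at check time, so a fix must reason about the file that will actually be opened, not about the name in the archive.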

Affected Version(s)

plexus-archiver < 4.8.0

EPSS Score

38% chance of being exploited in the next 30 days (EPSS is recalculated daily; this is the value at the time the page was captured).

CVSS V3.1

Score: 8.1
Severity: HIGH
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
