All vulnerabilities
CVE-2022-30333 Known ransomware use
RARLAB UnRAR Directory Traversal Vulnerability
RARLAB — UnRAR
- Added to KEV catalog
- 9 August 2022
- Federal remediation due date
- 30 August 2022
- Weakness classification (CWE)
- CWE-22, CWE-59
CISA Description
RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.
Required action
Apply updates per vendor instructions.
Notes
Vulnerability updated with version 6.12. Accessing link will download update information: https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz; https://nvd.nist.gov/vuln/detail/CVE-2022-30333
More RARLAB Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services