Vulnerability detail
Enriched intelligence for a single CVE
High
CVE-2022-30333
PUBLISHEDRARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated...
- Vendor
- RARLAB
- Product
- UnRAR
- Published
- May 09, 2022
- EPSS
- —
Description
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVSS scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AV:N/AC:L/Au:N/C:N/I:P/A:N
SSVC decision points
- Exploitation
- active
- Automatable
- Yes
- Technical impact
- partial
References
- https://www.rarlab.com/rar_add.htm
- https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
- https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
- http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html
- https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html
- https://security.gentoo.org/glsa/202309-04
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Aug 09, 2022 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zimbra_unrar_cve_2022_30333.rb | Apr 29, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2022-07-26 13:28:12 UTC · 7 stars
Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.
github · Created 2022-07-22 01:14:29 UTC · 2 stars
github · Created 2022-07-05 02:35:12 UTC · 13 stars
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel
-
Detected by Metasploit
-
Exploit Used in Malware