CVE-2021-4287
published 2022-12-27CVE-2021-4287: A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file…
PriorityP335medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
EPSS
1.93%
77.5th percentile
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | binwalk | < binwalk 2.3.3+dfsg1-1 (bookworm) | binwalk 2.3.3+dfsg1-1 (bookworm) |
| microsoft | binwalk | < 2.3.3 | 2.3.3 |
| refirm_labs | binwalk | >= 0 < 2.3.3+dfsg1-1 | 2.3.3+dfsg1-1 |
| refirm_labs | binwalk | >= 0 < 2.3.3+dfsg1-1 | 2.3.3+dfsg1-1 |
| refirm_labs | binwalk | >= 0 < 2.3.3+dfsg1-1 | 2.3.3+dfsg1-1 |
| refirm_labs | binwalk | >= 0 < 2.3.3 | 2.3.3 |
| refirm_labs | binwalk | 2.1.2b – 2.3.3 | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv6.5MEDIUM
vendor_debian5.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
osv·2022-12-27
CVE-2021-4287 [MEDIUM] binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 can address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876.
GHSA
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
ghsa·2022-12-27
CVE-2021-4287 [MEDIUM] CWE-59 binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 can address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876.
OSV
CVE-2021-4287: A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2
osv·2022-12-27·CVSS 6.5
CVE-2021-4287 [MEDIUM] CVE-2021-4287: A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876.
Debian
CVE-2021-4287: binwalk - A vulnerability, which was classified as problematic, was found in ReFirm Labs b...
vendor_debian·2021·CVSS 5.0
CVE-2021-4287 [MEDIUM] CVE-2021-4287: binwalk - A vulnerability, which was classified as problematic, was found in ReFirm Labs b...
A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876.
Scope: local
bookworm: resolved (fixed in 2.3.3+dfsg1-1)
bullseye: open
forky: resolved (fixed in 2.3.3+dfsg1-1)
sid: resolved (fixed in 2.3.3+dfsg1-1)
trixie: resolved (fixed in 2.3.3+dfsg1-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/ReFirmLabs/binwalk/commit/fa0c0bd59b8588814756942fe4cb5452e76c1dcdhttps://github.com/ReFirmLabs/binwalk/pull/556https://github.com/ReFirmLabs/binwalk/releases/tag/v2.3.3https://vuldb.com/?ctiid.216876https://vuldb.com/?id.216876https://github.com/ReFirmLabs/binwalk/commit/fa0c0bd59b8588814756942fe4cb5452e76c1dcdhttps://github.com/ReFirmLabs/binwalk/pull/556https://github.com/ReFirmLabs/binwalk/releases/tag/v2.3.3https://vuldb.com/?ctiid.216876https://vuldb.com/?id.216876
2022-12-27
Published