CVE Details

CVE-2022-30333 RARLAB UnRAR Directory Traversal Vulnerability
Published: 2022-08-09 CVSS: 7.5 HIGH Product: RARLAB UnRAR Due Date: 2022-08-30

RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.

GitHub PoC

Warning: GitHub PoC repositories are unverified. Some may be fake or contain malware. Use caution and review code before running anything.

FIRST EPSS

EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.

Timeline

CVE Stalker KEV MITRE GitHub FIRST (EPSS)

MITRE

CVSS

  • Score: 7.5
  • Severity: HIGH
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

SSVC

  • Exploitation: active
  • Automatable: yes
  • Technical Impact: partial

References

Show Raw Data
Key Remaining Key Value
dataType CVE_RECORD
dataVersion 5.1
cveMetadata > state PUBLISHED
cveMetadata > cveId CVE-2022-30333
cveMetadata > assignerOrgId 8254265b-2729-46b6-b9e3-3dfca2d5bfca
cveMetadata > assignerShortName mitre
cveMetadata > dateUpdated 2025-10-21T23:15:40.223Z
cveMetadata > dateReserved 2022-05-07T00:00:00.000Z
cveMetadata > datePublished 2022-05-09T00:00:00.000Z
containers > cna > providerMetadata > orgId 8254265b-2729-46b6-b9e3-3dfca2d5bfca
containers > cna > providerMetadata > shortName mitre
containers > cna > providerMetadata > dateUpdated 2023-09-17T06:06:09.291Z
containers > cna > descriptions > 0 > lang en
containers > cna > descriptions > 0 > value RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
containers > cna > affected > 0 > vendor n/a
containers > cna > affected > 0 > product n/a
containers > cna > affected > 0 > versions > 0 > version n/a
containers > cna > affected > 0 > versions > 0 > status affected
containers > cna > references > 0 > url https://www.rarlab.com/rar_add.htm
containers > cna > references > 1 > url https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
containers > cna > references > 2 > url https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
containers > cna > references > 3 > url http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html
containers > cna > references > 4 > name [debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update
containers > cna > references > 4 > tags > 0 mailing-list
containers > cna > references > 4 > url https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html
containers > cna > references > 5 > name GLSA-202309-04
containers > cna > references > 5 > tags > 0 vendor-advisory
containers > cna > references > 5 > url https://security.gentoo.org/glsa/202309-04
containers > cna > problemTypes > 0 > descriptions > 0 > type text
containers > cna > problemTypes > 0 > descriptions > 0 > lang en
containers > cna > problemTypes > 0 > descriptions > 0 > description n/a
containers > adp > 0 > providerMetadata > orgId af854a3a-2127-422b-91ae-364da2661108
containers > adp > 0 > providerMetadata > shortName CVE
containers > adp > 0 > providerMetadata > dateUpdated 2024-08-03T06:48:35.705Z
containers > adp > 0 > title CVE Program Container
containers > adp > 0 > references > 0 > url https://www.rarlab.com/rar_add.htm
containers > adp > 0 > references > 0 > tags > 0 x_transferred
containers > adp > 0 > references > 1 > url https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
containers > adp > 0 > references > 1 > tags > 0 x_transferred
containers > adp > 0 > references > 2 > url https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
containers > adp > 0 > references > 2 > tags > 0 x_transferred
containers > adp > 0 > references > 3 > url http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html
containers > adp > 0 > references > 3 > tags > 0 x_transferred
containers > adp > 0 > references > 4 > name [debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update
containers > adp > 0 > references > 4 > tags > 0 mailing-list
containers > adp > 0 > references > 4 > tags > 1 x_transferred
containers > adp > 0 > references > 4 > url https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html
containers > adp > 0 > references > 5 > name GLSA-202309-04
containers > adp > 0 > references > 5 > tags > 0 vendor-advisory
containers > adp > 0 > references > 5 > tags > 1 x_transferred
containers > adp > 0 > references > 5 > url https://security.gentoo.org/glsa/202309-04
containers > adp > 1 > metrics > 0 > cvssV3_1 > scope UNCHANGED
containers > adp > 1 > metrics > 0 > cvssV3_1 > version 3.1
containers > adp > 1 > metrics > 0 > cvssV3_1 > baseScore 7.5
containers > adp > 1 > metrics > 0 > cvssV3_1 > attackVector NETWORK
containers > adp > 1 > metrics > 0 > cvssV3_1 > baseSeverity HIGH
containers > adp > 1 > metrics > 0 > cvssV3_1 > vectorString CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
containers > adp > 1 > metrics > 0 > cvssV3_1 > integrityImpact HIGH
containers > adp > 1 > metrics > 0 > cvssV3_1 > userInteraction NONE
containers > adp > 1 > metrics > 0 > cvssV3_1 > attackComplexity LOW
containers > adp > 1 > metrics > 0 > cvssV3_1 > availabilityImpact NONE
containers > adp > 1 > metrics > 0 > cvssV3_1 > privilegesRequired NONE
containers > adp > 1 > metrics > 0 > cvssV3_1 > confidentialityImpact NONE
containers > adp > 1 > metrics > 1 > other > type ssvc
containers > adp > 1 > metrics > 1 > other > content > id CVE-2022-30333
containers > adp > 1 > metrics > 1 > other > content > role CISA Coordinator
containers > adp > 1 > metrics > 1 > other > content > options > 0 > Exploitation active
containers > adp > 1 > metrics > 1 > other > content > options > 1 > Automatable yes
containers > adp > 1 > metrics > 1 > other > content > options > 2 > Technical Impact partial
containers > adp > 1 > metrics > 1 > other > content > version 2.0.3
containers > adp > 1 > metrics > 1 > other > content > timestamp 2025-01-29T16:18:17.553759Z
containers > adp > 1 > metrics > 2 > other > type kev
containers > adp > 1 > metrics > 2 > other > content > dateAdded 2022-08-09
containers > adp > 1 > metrics > 2 > other > content > reference https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333
containers > adp > 1 > references > 0 > url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333
containers > adp > 1 > references > 0 > tags > 0 government-resource
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > lang en
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > type CWE
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > cweId CWE-59
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > description CWE-59 Improper Link Resolution Before File Access ('Link Following')
containers > adp > 1 > problemTypes > 1 > descriptions > 0 > lang en
containers > adp > 1 > problemTypes > 1 > descriptions > 0 > type CWE
containers > adp > 1 > problemTypes > 1 > descriptions > 0 > cweId CWE-22
containers > adp > 1 > problemTypes > 1 > descriptions > 0 > description CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
containers > adp > 1 > timeline > 0 > time 2022-08-09T00:00:00.000Z
containers > adp > 1 > timeline > 0 > lang en
containers > adp > 1 > timeline > 0 > value CVE-2022-30333 added to CISA KEV
containers > adp > 1 > title CISA ADP Vulnrichment
containers > adp > 1 > providerMetadata > orgId 134c704f-9b21-4f2e-91b3-4a467353bcc0
containers > adp > 1 > providerMetadata > shortName CISA-ADP
containers > adp > 1 > providerMetadata > dateUpdated 2025-10-21T23:15:40.223Z