all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2022-4510: Directory Traversal RCE Vulnerability in binwalk

Add to bookmarks
Feb. 4, 2023, 3:01 p.m. | CryptoCat

CryptoCat www.youtube.com

A path traversal vulnerability (CVE-2022-4510) was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 (inclusive). This vulnerability allows remote attackers to execute arbitrary code on affected installations of binwalk. User interaction is required to exploit this vulnerability in that the target must open the malicious file with binwalk using extract mode (-e option). The issue lies within the PFS (obscure filesystem format found in some embedded devices) extractor plugin that was merged into binwalk in 2017. Write-ups/tutorials aimed …

attackers code cve devices directory directory traversal embedded exploit extract file filesystem issue labs lies malicious mode path path traversal pfs plugin rce target version vulnerability

Visit resource

More from www.youtube.com / CryptoCat

Burp Suite Certified Professional (BSCP) Review + Tips/Tricks [Portswigger] 2 weeks, 3 days ago | www.youtube.com
appsec bounty bug bug bounty +25
1: SQL Injection (Union + Blind) - Gin and Juice Shop (Portswigger) 1 month, 1 week ago | www.youtube.com
application burp burp suite exploit +18
HackTheBox Cyber Apocalypse 2024: Web Challenge Walkthroughs 1 month, 3 weeks ago | www.youtube.com
403 bypass api api testing apocalypse +32
0: Getting Started with Burp Suite - Gin and Juice Shop (Portswigger) 2 months ago | www.youtube.com
application burp burp suite course +17
LA CTF 2024: Web Challenge Walkthroughs (1-4) 2 months, 2 weeks ago | www.youtube.com
beginners challenge challenges conditions +26
How to Approach an OSINT Challenge - "Photographs" [INTIGRITI 1337UP LIVE CTF 2023] 5 months, 1 week ago | www.youtube.com
accounts back challenge ctf +19
Format String Vulnerability - "Floor Mat Store" [INTIGRITI 1337UP LIVE CTF 2023] 5 months, 2 weeks ago | www.youtube.com
binary binary exploitation challenge computer +12
Websocket SQLi and Weak JWT Signing Key - "Bug Report Repo" [INTIGRITI 1337UP LIVE CTF … 5 months, 2 weeks ago | www.youtube.com
bug challenge ctf exploit +21
Unity Game Hacking Challenge - "Azusawa’s Gacha World" [SekaiCTF] 8 months, 1 week ago | www.youtube.com
analysis beginners challenge cheat +26

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

PMO Cybersécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Third Party Risk Management - Consultant

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Consultant Cyber Sécurité H/F - Strasbourg

@ Hifield | Strasbourg, France
View on infosec-jobs.com

Information Security Compliance Analyst

@ KPMG Australia | Melbourne, Australia
View on infosec-jobs.com

GDS Consulting - Cyber Security | Data Protection Senior Consultant

@ EY | Taguig, PH, 1634
View on infosec-jobs.com

Senior QA Engineer - Cloud Security

@ Tenable | Israel
View on infosec-jobs.com
View more jobs