CVE-2023-6908 | DFIRKuiper 2.3.4 TAR Archive case_management.py unzip_file dst_path path traversal (ID 106)

Posted by Angelo Barbosa | Dec 17, 2023 | CVE

A vulnerability, which was classified as problematic, was found in DFIRKuiper Kuiper 2.3.4. This affects the function unzip_file of the file kuiper/app/controllers/case_management.py of the component TAR Archive Handler. The manipulation of the argument dst_path leads to path traversal.

This vulnerability is uniquely identified as CVE-2023-6908. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6908 | DFIRKuiper 2.3.4 TAR Archive case_management.py unzip_file dst_path path traversal (ID 106)

Related Posts

CVE-2024-32789 | Seers Plugin up to 8.1.0 on WordPress cross-site request forgery

CVE-2023-40058 | SolarWinds Access Rights Manager up to 2023.2.1 Environment access control

CVE-2023-49747 | WebFactory Guest Author Plugin up to 2.3 on WordPress cross site scripting

CVE-2024-27382 | Samsung Exynos 1330 slsi_send_action_frame heap-based overflow