iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tarfile.extractall method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-25626.
History

Mon, 30 Dec 2024 23:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 30 Dec 2024 20:30:00 +0000

Type Values Removed Values Added
Description iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tarfile.extractall method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-25626.
Title iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability
Weaknesses CWE-22
References
Metrics cvssV3_0

{'score': 7.5, 'vector': 'CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published: 2024-12-30T20:12:12.970Z

Updated: 2024-12-30T23:06:10.269Z

Reserved: 2024-11-27T23:37:05.474Z

Link: CVE-2024-11944

cve-icon Vulnrichment

Updated: 2024-12-30T23:06:05.193Z

cve-icon NVD

Status : Received

Published: 2024-12-30T21:15:05.493

Modified: 2024-12-30T21:15:05.493

Link: CVE-2024-11944

cve-icon Redhat

No data.