All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). The attacker can overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine.
References
Link | Resource |
---|---|
https://github.com/alibaba/one-java-agent/blob/1f399a2299a8a409d15ea6111a7098629b8f1050/one-java-agent-plugin/src/main/java/com/alibaba/oneagent/utils/IOUtils.java | Exploit Third Party Advisory |
https://github.com/alibaba/one-java-agent/pull/29 | Patch Third Party Advisory |
https://github.com/alibaba/one-java-agent/pull/29/commits/359603b63fc6c59d8b57e061c171954bab3433bf | Third Party Advisory |
https://snyk.io/vuln/SNYK-JAVA-COMALIBABAONEAGENT-2407874 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: snyk
Published: 2022-05-01T00:00:00
Updated: 2022-05-01T15:25:39
Reserved: 2022-02-24T00:00:00
Link: CVE-2022-25842
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-01T16:15:08.710
Modified: 2022-05-11T16:40:22.667
Link: CVE-2022-25842
JSON object: View
Redhat Information
No data.
CWE