CVE-2022-30333

This PoC exploits CVE-2022-30333, a path traversal vulnerability in unRAR versions prior to 6.11, by generating a malicious RAR archive that extracts files to arbitrary locations. The script constructs a RAR file with a symlink and payload data, enabling arbitrary file write during extraction.

This PoC demonstrates a path traversal vulnerability in UnRAR (CVE-2022-30333) by crafting malicious RAR archives that write files outside the intended directory. It includes test cases for Linux and Zimbra Mail Server exploitation via Amavisd extraction.

This PoC exploits CVE-2022-30333, a vulnerability in Zimbra's UNRAR functionality (versions up to 6.11). It crafts a malicious RAR archive containing a symlink traversal payload to deploy a JSP webshell in the webroot directory.

This repository contains a proof-of-concept exploit for CVE-2022-30333, a path traversal vulnerability in unRAR versions prior to 6.11. The exploit generates a malicious RAR file that extracts files to arbitrary locations, potentially leading to remote code execution (RCE).

This PoC exploits CVE-2022-30333, a path traversal vulnerability in unRAR versions prior to 6.11, by generating a malicious RAR file that extracts a payload to an arbitrary location via symlink manipulation. The script constructs a RAR archive with a symlink and payload data, enabling arbitrary file write during extraction.

This Metasploit module exploits CVE-2022-30333, a path traversal vulnerability in UnRAR (versions 6.11 or earlier) used by Zimbra Collaboration Suite. It crafts a malicious RAR file that, when processed by the server, extracts a JSP payload to a traversed directory, enabling remote code execution.

This Metasploit module exploits CVE-2022-30333, a path-traversal vulnerability in UnRAR, by creating a malicious RAR file that extracts a payload to an arbitrary location on Linux systems via symbolic link manipulation.