Saturday, December 9, 2023

Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code

A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to import malicious code and execute arbitrary code.

OpenRefine is a strong Java-based, free, open-source tool for handling messy data. This includes cleaning it, converting it into a different format, and expanding it with web services and external data.

According to SonarCloud, the Zip Slip vulnerability in OpenRefine allows attackers to overwrite existing files or the extraction of contents to unexpected locations. This vulnerability is caused by insufficient path validation while extracting archives.


Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Details of the OpenRefine Zip Slip Vulnerability

The project import feature of OpenRefine versions 3.7.3 and earlier is vulnerable to a Zip Slip vulnerability (CVE-2023-37476) with a CVSS score of 7.8. 

Although OpenRefine is only intended to execute locally on a user’s computer, a user can be tricked into importing a malicious project file. Once this file is imported, the attacker will be able to run arbitrary code on the victim’s computer.

web Interface
Web Interface of OpenRefine Tool

“The vulnerability gives attackers a strong primitive: writing files with arbitrary content to an arbitrary location on the filesystem. For applications running with root privileges, there are dozens of possibilities to turn this into arbitrary code execution on the operating system: adding a new user to the passwd file, adding an SSH key, creating a cron job, and more”, researchers said.

Fix Available

OpenRefine Version 3.7.4, published on July 17, 2023, has a fix for the issue.

In light of this, Users are recommended to update to OpenRefine 3.7.4 as soon as feasible.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


Latest articles

WordPress POP Chain Flaw Exposes Over 800M+ Websites to Attack

A critical remote code execution vulnerability has been patched as part of the Wordpress...

Russian Star Blizzard New Evasion Techniques to Hijack Email Accounts

Hackers target email accounts because they contain valuable personal and financial information. Successful email...

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles