Febinrev

**Name of the Vulnerable Software and Affected Versions** Engrampa versions prior to the version that includes commit 63d5dfa **Description** The issue is related to a Path Traversal vulnerability in Engrampa, an archive manager for the MATE environment. This vulnerability can be leveraged to achieve full Remote Command Execution (RCE) on the target. When handling CPIO archives, Engrampa follows symlinks by default, and the Archiver does not check the symlink location, leading to arbitrary file writes to unintended locations. An attacker can craft a malicious cpio or ISO archive to achieve RCE on the target system. **Recommendations** For versions prior to the version that includes commit 63d5dfa, update to a version that includes the fix commit 63d5dfa to resolve the issue. As a temporary workaround, consider disabling the extraction of CPIO archives or restricting the use of the Engrampa Archive manager until a patch is available. Avoid using Engrampa to extract archives from untrusted sources until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Atril Document Viewer versions prior to 1.26.2 Description: A path traversal and arbitrary file write issue exists in Atril Document Viewer, allowing an attacker to write arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The limitation of this issue is that it cannot be exploited to overwrite existing files. However, this does not prevent an attacker from achieving Remote Command Execution on the target system. Recommendations: For versions prior to 1.26.2, update to version 1.26.2 or later to patch the vulnerability. As a temporary workaround, consider restricting access to crafted documents to minimize the risk of exploitation. Avoid using Atril Document Viewer to open documents from untrusted sources until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Atril (affected versions not specified) **Description** The issue is related to a Command Injection Vulnerability in Atril, a simple multi-page document viewer. This vulnerability allows an attacker to gain immediate access to the target system when a crafted document is opened or a malicious link is clicked, utilizing a maliciously crafted CBT document which is a TAR archive. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Deepin-Compressor versions prior to 5.12.21 **Description** The issue is related to a path traversal vulnerability in Deepin-Compressor, the default archive manager of Deepin Linux OS. This vulnerability can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. **Recommendations** For versions prior to 5.12.21, update to version 5.12.21 to address the issue. At the moment, there are no known workarounds for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Deepin Linux's default document reader `deepin-reader` versions prior to 6.0.7 **Description** The issue is caused by a design flaw in the `deepin-reader` software, leading to remote command execution via crafted docx documents. This is a file overwrite vulnerability, where remote code execution (RCE) can be achieved by overwriting files like `.bash rc`, `.bash login`, etc. RCE will be triggered when the user opens the terminal. **Recommendations** For versions prior to 6.0.7, update to version 6.0.7, which contains a patch for the issue. As a temporary workaround, consider avoiding the use of `deepin-reader` for opening docx documents from untrusted sources until the issue is resolved. Restrict access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FileBrowser versions prior to 2.23.0 **Description** A cross-site scripting (XSS) issue allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL. **Recommendations** For versions prior to 2.23.0, update to version 2.23.0 or later to resolve the issue. As a temporary workaround, consider restricting user interaction with crafted HTML files or URLs to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tiny File Manager versions prior to 2.4.7 **Description** A path traversal issue in the file upload functionality of tinyfilemanager.php allows remote attackers with valid user accounts to upload malicious PHP files to the webroot, leading to code execution. **Recommendations** For versions prior to 2.4.7, update to version 2.4.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the file upload functionality in tinyfilemanager.php to minimize the risk of exploitation.