PT-2022-11722 · Refirm · Binwalk
Devttys0 · Published 2022-12-27 · Updated 2025-01-27
CVE-2021-4287
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
ReFirm Labs binwalk versions up to 2.3.2
Description
A vulnerability was found in the Archive Extraction Handler component, specifically in the file src/binwalk/modules/extractor.py. Manipulation leads to symlink following, and the attack can be launched remotely.
Recommendations
For ReFirm Labs binwalk versions up to 2.3.2, upgrade to version 2.3.3 to address this issue.
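A defensive check for the symlink following described above, as an added example that is not code from binwalk or from this advisory: it walks a directory of extracted files and reports symbolic links whose resolved target falls outside that directory. The function names and the sample tree (squashfs-root, host_etc, up) are constructed for illustration.

```python
import os
import tempfile


def find_escaping_symlinks(extract_root):
    """Return sorted relative paths of symlinks under extract_root whose
    resolved target lies outside extract_root."""
    root = os.path.realpath(extract_root)
    escaping = []
    # followlinks=False: list symlinked directories but never descend into them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            # realpath resolves relative targets and chained links;
            # a dangling link still resolves to the path it would reach.
            target = os.path.realpath(path)
            if os.path.commonpath([root, target]) != root:
                escaping.append(os.path.relpath(path, root))
    return sorted(escaping)


def build_sample_tree():
    """Constructed sample: an extraction directory holding one harmless
    symlink and two that point outside the directory."""
    root = tempfile.mkdtemp(prefix="extracted-")
    fs = os.path.join(root, "squashfs-root")
    os.makedirs(os.path.join(fs, "etc"))
    with open(os.path.join(fs, "etc", "hostname"), "w") as handle:
        handle.write("device\n")
    # Relative link that stays inside the extraction directory.
    os.symlink("etc/hostname", os.path.join(fs, "name"))
    # Absolute link to a host path.
    os.symlink("/etc", os.path.join(fs, "host_etc"))
    # Relative link that climbs above the extraction directory.
    os.symlink("../../..", os.path.join(fs, "etc", "up"))
    return root


if __name__ == "__main__":
    sample = build_sample_tree()
    for link in find_escaping_symlinks(sample):
        print("symlink leaves extraction directory:", link)
```
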
Fix
Link Following
Related Identifiers
Affected Products
Alt Linux
Debian
Binwalk