CVE-2023-6908

Name of the Vulnerable Software and Affected Versions DFIRKuiper Kuiper version 2.3.4

Description A problematic issue was found in the TAR Archive Handler component, specifically affecting the unzip file function of the case management.py file. The manipulation of the dst path argument leads to path traversal. This issue can be initiated remotely, with a rather high complexity of attack and difficult exploitability.

Recommendations For version 2.3.4, upgrade to version 2.3.5 to address this issue. As a temporary workaround, consider restricting access to the unzip file function or the dst path argument in the case management.py file until the upgrade is applied.