ajinabraham.njsscan.archive_path_overwrite.admzip_path_overwrite

Author: ajinabraham
Download Count: 1,129

Insecure ZIP archive extraction using adm-zip can result in arbitrary path overwrite and code injection.


Definition

rules:
  - id: admzip_path_overwrite
    patterns:
      - pattern-inside: |
          $X = require('adm-zip')
          ...
      - pattern-not: |
          if ($FILENAME.indexOf('..'))
      - pattern-not: |
          $FS.createWriteStream($PATH.join(..., $PATH.basename($FILENAME, ...)))
      - pattern-not: |
          $FS.writeFile($PATH.join(..., $PATH.basename($FILENAME, ...)))
      - pattern-not: |
          $FS.writeFileSync($PATH.join(..., $PATH.basename($FILENAME, ...)))
      - pattern-either:
          - pattern: $ZIPENTZ.forEach(function $FUNC($ENTRY, ...) {
              $FS.createWriteStream(...) }, ...)
          - pattern: $ZIPENTZ.forEach(function $FUNC($ENTRY, ...) { $FS.writeFile(...) },
              ...)
          - pattern: $ZIPENTZ.forEach(function $FUNC($ENTRY, ...) { $FS.writeFileSync(...)
              }, ...)
    message: Insecure ZIP archive extraction using adm-zip can result in arbitrary
      path over write and can result in code injection.
    languages:
      - javascript
    severity: ERROR
    metadata:
      owasp-web: a5
      cwe: cwe-22
      license: LGPL-3.0-or-later