ajinabraham.njsscan.archive_path_overwrite.zip_path_overwrite2
ajinabrahamAuthor
1,129
Download Count*
License
Insecure ZIP archive extraction can result in arbitrary path over write and can result in code injection.
Run Locally
Run in CI
Defintion
rules:
- id: zip_path_overwrite2
patterns:
- pattern-either:
- pattern-inside: |
$X = require('unzip')
...
- pattern-inside: |
$X = require('unzipper')
...
- pattern-inside: |
$UNZIP.Parse(...).on('entry', function $FUNC($ENTRY) {
...
}, ...)
- pattern-not: |
if ($FILENAME.indexOf('..'))
- pattern-not: |
$FS.createWriteStream($PATH.join(..., $PATH.basename($FILENAME, ...)))
- pattern-not: |
$FS.writeFile($PATH.join(..., $PATH.basename($FILENAME, ...)))
- pattern-not: |
$FS.writeFileSync($PATH.join(..., $PATH.basename($FILENAME, ...)))
- pattern-either:
- pattern: |
$FS.createWriteStream($FIL, ...)
- pattern: |
$FS.writeFile($FIL, ...)
- pattern: |
$FS.writeFileSync($FIL, ...)
message: Insecure ZIP archive extraction can result in arbitrary path over write
and can result in code injection.
languages:
- javascript
severity: ERROR
metadata:
owasp-web: a5
cwe: cwe-22
license: LGPL-3.0-or-later
Short Link: https://sg.run/W89j