Chiwopsezo (CVE-2022-30333) chadziwika muzogwiritsira ntchito unrar, zomwe zimalola, potsegula zakale zopangidwa mwapadera, kulembera mafayilo kunja kwa bukhuli, momwe ufulu wa ogwiritsa ntchito umalola. Nkhaniyi idakhazikitsidwa pakutulutsidwa kwa RAR 6.12 ndi unrar 6.1.7. Chiwopsezochi chimapezeka m'mitundu ya Linux, FreeBSD ndi macOS, koma sichikhudza mitundu ya Android ndi Windows.
Vutoli limayamba chifukwa chosowa kuyang'ana koyenera kwa "/.." m'njira zamafayilo zomwe zafotokozedwa muzosunga zakale, zomwe zimalola kutulutsa kupitilira malire a chikwatu choyambira. Mwachitsanzo, poika "../.ssh/authorized_keys" munkhokwe, wowukira angayese kuletsa fayilo ya "~/.ssh/authorized_keys" panthawi yotsegula.
Source: opennet.ru