Miggo Logo
Miggo Vulnerability Database
CVE-2018-1002208

CVE-2018-1002208:
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib

5.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2018-1002208
GHSA ID
GHSA-cqj4-m2pc-v9m5
EPSS Score
0.80112%
CWE
CWE-22
Published
5/13/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyC#

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
SharpZipLibnuget<= 1.0.0-alpha21.0.0-rc1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper path validation during zip extraction. The FastZip class is explicitly mentioned in release notes as having received path traversal protection in 1.0 RC1. The GitHub issue #232 demonstrates exploitation via FastZip.ExtractZip(), and the CVE description specifically references mishandling of Zip archive entries during extraction - a core responsibility of the ExtractZip method. While the exact pre-patch code isn't shown, the contextual evidence from release notes, vulnerability reports, and usage examples strongly implicates FastZip.ExtractZip as the vulnerable entry point.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

S**rpZipLi* ***or* *.* R** is vuln*r**l* to *ir**tory tr*v*rs*l, *llowin* *tt**k*rs to writ* to *r*itr*ry *il*s vi* * ../ (*ot *ot sl*s*) in * Zip *r**iv* *ntry t**t is mis**n*l** *urin* *xtr**tion. T*is vuln*r**ility is *lso known *s 'Zip-Slip'.

Reasoning

T** vuln*r**ility st*ms *rom improp*r p*t* v*li**tion *urin* zip *xtr**tion. T** `**stZip` *l*ss is *xpli*itly m*ntion** in r*l**s* not*s *s **vin* r***iv** p*t* tr*v*rs*l prot**tion in *.* R**. T** *it*u* issu* #*** **monstr*t*s *xploit*tion vi* `**