CVE-2022-4510

Path Traversal in binwalk

CVSS 7.8 HIGHEPSS 21.8%CWE-22

A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins. This vulnerability is associated with program files src/binwalk/plugins/unpfs.py. This issue affects binwalk from 2.1.2b through 2.3.3 included.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Refirm Labs · binwalk

public PoCs found — 4

githubgithub.com/adhikara13/CVE-2022-4510-WalkingPath★ 14 githubgithub.com/electr0sm0g/CVE-2022-4510★ 9 githubgithub.com/Kalagious/BadPfs-CVE-2022-4510★ 1 exploitdbwww.exploit-db.com/exploits/51249unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/ReFirmLabs/binwalk/pull/617 https://lists.debian.org/debian-lts-announce/2025/12/msg00022.html https://security.gentoo.org/glsa/202309-07