HTTP: Allegra unzipFileIntoDirectory Directory Traversal

This signature detects attempts to exploit a known vulnerability against Allegra. A successful attack can lead to directory traversal and arbitrary code execution.

Extended Description

Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability.

The specific flaw exists within the implementation of the extractFileFromZip method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26524.
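The missing check described above, shown as an added Python example (not Allegra's code and not part of this signature): each ZIP entry name is resolved against the extraction directory and the archive is rejected if any entry lands outside it. All function names and sample entry names here are hypothetical.

```python
import io
import os
import zipfile


def build_zip(entries):
    """Build an in-memory ZIP from {name: bytes}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def resolve_entry(root, name):
    """Resolve an entry name under root; return None if it lands outside root."""
    # Treat backslashes as separators so Windows-style names are checked too.
    # realpath also follows symlinks that already exist under root.
    target = os.path.realpath(os.path.join(root, name.replace("\\", "/")))
    return target if os.path.commonpath([root, target]) == root else None


def unsafe_entries(zip_bytes, dest_dir):
    """List entry names whose resolved path escapes dest_dir."""
    root = os.path.realpath(dest_dir)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [n for n in zf.namelist() if resolve_entry(root, n) is None]


def safe_extract(zip_bytes, dest_dir):
    """Reject the whole archive if any entry escapes, then extract the rest."""
    bad = unsafe_entries(zip_bytes, dest_dir)
    if bad:
        raise ValueError(f"archive rejected, entries escape destination: {bad}")
    root, written = os.path.realpath(dest_dir), []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            target = resolve_entry(root, info.filename)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target)
    return written
```

Comparing the resolved path rather than searching the name for `../` also covers names such as `docs/../inside.txt`, which stay inside the destination and are accepted.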

Short Name
HTTP:DIR:ALLEGRA-UNZIP-FILEINTO
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Allegra CVE-2025-3485 Directory Traversal unzipFileIntoDirectory
Release Date
06/20/2025
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
Sigpack Version
3819
False Positive
Unknown