This repository contains a Proof of Concept (PoC) exploit for CVE-2024-0406, a vulnerability involving symlink-based tar archive extraction that allows for path traversal or file overwriting in affected systems.
More details: Path Traversal in mholt/archiver
- CVE ID: CVE-2024-0406
- Description: A flaw in tar archive extraction libraries or applications that fail to sanitize symlinks, enabling attackers to overwrite arbitrary files via path traversal when a crafted archive is extracted.
- Affected Systems: Applications using libraries like `mholt/archiver/v3` 3.5.0 and prior.
- Impact: Arbitrary file overwrite, potentially leading to privilege escalation or unauthorized access.
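
A defensive pre-extraction check for the symlink pattern described above, as an added example (not code from this repository or from mholt/archiver): it reads tar headers only and flags symlink entries whose target leaves the extraction root, plus any entry whose path passes through a symlink declared earlier in the same archive. `AuditTar`, `sampleArchive` and the sample entry names are constructed for illustration; plain `../` entry names are out of scope for this check.

```go
package main

import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"path"
	"strings"
)

// AuditTar reads headers only (nothing is written to disk) and returns one finding per risky entry.
func AuditTar(r io.Reader) ([]string, error) {
	var findings []string
	links := map[string]bool{} // cleaned entry names declared as symlinks so far
	tr := tar.NewReader(r)
	for h, err := tr.Next(); err != io.EOF; h, err = tr.Next() {
		if err != nil {
			return findings, err
		}
		name := path.Clean(h.Name)
		for p := name; p != "." && p != "/"; p = path.Dir(p) {
			if links[p] { // an earlier symlink at this path or a parent redirects the write
				findings = append(findings, fmt.Sprintf("%s: written through symlink %s", h.Name, p))
			}
		}
		if h.Typeflag == tar.TypeSymlink {
			links[name] = true
			// Resolve the target relative to the link's directory; Join also cleans it.
			if path.IsAbs(h.Linkname) || strings.HasPrefix(path.Join(path.Dir(name), h.Linkname)+"/", "../") {
				findings = append(findings, fmt.Sprintf("%s: symlink target %s leaves root", h.Name, h.Linkname))
			}
		}
	}
	return findings, nil
}

func sampleArchive() io.Reader { // constructed demo input, built in memory with empty files
	buf := new(bytes.Buffer)
	tw := tar.NewWriter(buf)
	tw.WriteHeader(&tar.Header{Name: "docs/readme.txt", Typeflag: tar.TypeReg, Mode: 0644})
	tw.WriteHeader(&tar.Header{Name: "cache", Typeflag: tar.TypeSymlink, Linkname: "../outside"})
	tw.WriteHeader(&tar.Header{Name: "cache/data.txt", Typeflag: tar.TypeReg, Mode: 0644})
	tw.Close()
	return buf
}

func main() {
	fmt.Println(AuditTar(sampleArchive()))
}
```

The check is deliberately conservative: an entry written through any earlier symlink is reported even when that symlink stays inside the root, which matches the behaviour of extractors that refuse to follow archive-supplied links.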