## https://sploitus.com/exploit?id=A34265A6-EE75-5A57-AD17-15F8AEDF28A5
# CVE-2024-0406 Proof of Concept (PoC)
This repository contains a Proof of Concept (PoC) exploit for **CVE-2024-0406**, a vulnerability involving symlink-based tar archive extraction that allows for path traversal or file overwriting in affected systems.
More Details at [Path Traversal in mholt/archiver](https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMMHOLTARCHIVER-6227929)
## Vulnerability Details
- CVE ID: CVE-2024-0406
- Description: A flaw in tar archive extraction libraries or applications that fail to sanitize symlinks, enabling attackers to overwrite arbitrary files via path traversal when a crafted archive is extracted.
- Affected Systems: Applications using libraries like `mholt/archiver/v3` 3.5.0 and prior.
- Impact: Arbitrary file overwrite, potentially leading to privilege escalation or unauthorized access.
**โ ๏ธ Disclaimer**: This PoC is for educational and security research purposes only. Use it only in environments where you have explicit permission to test. Unauthorized use may violate laws or terms of service.