![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2020-17532 – Apache ServiceComb code execution
January 22, 2021![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – Verified Phishing URLs
January 25, 2021![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2020-17532 – Apache ServiceComb code execution
January 22, 2021![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – Verified Phishing URLs
January 25, 2021Severity
High
Analysis Summary
CVE-2020-36193
Archive_Tar could allow a remote attacker to traverse directories on the system, caused by inadequate checking of symbolic links. An attacker could send a specially-crafted URL request to the Tar.php script containing “dot dot” sequences (/../) to modify arbitrary files on the system.
Impact
Information Disclosure
Affected Vendors
Drupal
Affected Products
Archive_Tar Archive_Tar 1.4.11
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches.