High severity7.8NVD Advisory· Published Jul 17, 2019· Updated Jun 17, 2026
CVE-2019-13623
CVE-2019-13623
Description
In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- NSA/Ghidradescription
- Range: <9.1
Patches
Vulnerability mechanics
References
4- blog.fxiao.me/ghidra/nvdExploitThird Party Advisory
- github.com/NationalSecurityAgency/ghidra/issues/789nvdExploitThird Party Advisory
- packetstormsecurity.com/files/154015/Ghidra-Linux-9.0.4-Arbitrary-Code-Execution.htmlnvd
- ghidra-sre.org/releaseNotes_9.1_final.htmlnvd
News mentions
0No linked articles in our index yet.