The entry name is not verified when extracting a zip file in the deployEntry method in the ThreadClientUpdate.java file. As a result, extracting a maliciously constructed zip file from an attacker (with "../" in an entry name) may overwrite sensitive files on the system.