An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/
http://www.openwall.com/lists/oss-security/2025/04/24/2
http://www.openwall.com/lists/oss-security/2025/04/23/3
http://www.openwall.com/lists/oss-security/2025/04/23/2