diff --git a/TP-Link/CVE-2022-30075-rce/tplink.py b/TP-Link/CVE-2022-30075-rce/tplink.py
index 3f4d2d5..bde7f8b 100644
--- a/TP-Link/CVE-2022-30075-rce/tplink.py
+++ b/TP-Link/CVE-2022-30075-rce/tplink.py
@@ -188,7 +188,29 @@ def decrypt_config(self):
 f.write(decompressed[16:])
 # untar second part of decrypted data
 with tarfile.open('%s/data.tar'%(self.decrypted_path), 'r') as tar:
- tar.extractall(path=self.decrypted_path)
+
+import os
+
+def is_within_directory(directory, target):
+
+ abs_directory = os.path.abspath(directory)
+ abs_target = os.path.abspath(target)
+
+ prefix = os.path.commonprefix([abs_directory, abs_target])
+
+ return prefix == abs_directory
+
+def safe_extract(tar, path=".", members=None, *, numeric_owner=False):
+
+ for member in tar.getmembers():
+ member_path = os.path.join(path, member.name)
+ if not is_within_directory(path, member_path):
+ raise Exception("Attempted Path Traversal in Tar File")
+
+ tar.extractall(path, members, numeric_owner=numeric_owner)
+
+
+safe_extract(tar, path=self.decrypted_path)
 # decrypt and decompress each .bin file from tar archive
 for filename in os.listdir(self.decrypted_path):
 basename,ext = os.path.splitext(filename)
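Review bot: `is_within_directory` compares paths with `os.path.commonprefix`, which matches character by character rather than by path component, so a member that resolves to a sibling directory whose name merely starts with the destination path (`<dest>_x/...`) still passes the check; use `return os.path.commonpath([abs_directory, abs_target]) == abs_directory` instead. The check also looks only at `member.name` through `os.path.abspath`, so symlink or hardlink members whose link target points outside the destination are not covered; where the interpreter supports it, `tar.extractall(path, members, numeric_owner=numeric_owner, filter='data')` closes that gap. The added `import os`, both `def`s and the `safe_extract(...)` call appear to sit at column 0 directly under the `with tarfile.open(...)` line inside `decrypt_config`, which would leave the `with` without a body; the helpers belong at module level (the file already uses `os`, so the import is redundant) and the call should be indented inside the `with`. `decrypt_config` starts and ends outside the hunk.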