In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HRarlab Winrar
APPRarlab≤ 5.61
CISA KEV — detailsi
- Vendori
- RARLAB
- Producti
- WinRAR
- Added to KEVi
- February 15, 2022
- Remediation deadline (US Federal)i
- August 15, 2022(overdue)
- Ransomwarei
- Active ransomware campaigns exploit this vulnerability
Apply updates per vendor instructions.
WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution
Related vulnerabilities
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitra...
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attack...
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign fil...
RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, ...
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vul...