0-day in WinRar, vulnerability RCE to open self extracting file
It is a vulnerability descubrierta by researcher Mohammad Reza Espagham which reported a vulnerability type RCE (remote code execution) to the top of the tools of understanding of files, which allows an attacker to execute remote arbitrary code when you open a self extracting file SFX (Self extracting).
According to what has been reported is a critical vulnerability of type 9 according to the CVSS, so this may affect more than 500 million users that use WinRar, the vulnerability is and/or was found specifically in the software SFX v5.21 and that can compromise a machine, as there is still no patch we need to update Winrar just to post updates.
Here we can see the proof-of-concept Reads:
exploit posted by the user R-73in
https://www.exploit-db.com/exploits/38319/
According to what has been reported is a critical vulnerability of type 9 according to the CVSS, so this may affect more than 500 million users that use WinRar, the vulnerability is and/or was found specifically in the software SFX v5.21 and that can compromise a machine, as there is still no patch we need to update Winrar just to post updates.
Here we can see the proof-of-concept Reads:
exploit posted by the user R-73in
https://www.exploit-db.com/exploits/38319/
0-day in WinRar, vulnerability RCE to open self extracting file
![]()
Reviewed by Unknown
on
2:25:00 AM
Rating: