Lucene search

CVE-2023-38831

🗓️ 23 Aug 2023 17:43:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 19 Media mentions👁 1080 Views🌐 WEB

RARLAB WinRAR before 6.23 allows arbitrary code execution via ZIP archive

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 112
Hive Pro Threat Advisories	The Rise of DarkCasino APT Group Exploiting WinRAR 0-Day	27 Nov 202312:47	–	hivepro
Hive Pro Threat Advisories	SideCopy Leverages Multi-platform RAT, Assaults Indian Government Entities	9 Nov 202305:00	–	hivepro
Hive Pro Threat Advisories	WinRAR Zero-Day Exploit Targeting Traders Since April	25 Aug 202308:16	–	hivepro
The Hacker News	UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware	22 Dec 202307:46	–	thn
The Hacker News	Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities	22 Dec 202313:19	–	thn
The Hacker News	SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities	7 Nov 202308:59	–	thn
The Hacker News	Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus	3 Sep 202413:29	–	thn
The Hacker News	Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw	19 Oct 202304:02	–	thn
The Hacker News	Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities	26 Sep 202406:18	–	thn
The Hacker News	APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware	22 Nov 202416:59	–	thn

Nvd

Vulnrichment

Node

rarlab winrarRange<6.23

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html
blog	www.blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/
bleepingcomputer	www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/
group-ib	www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
news	www.news.ycombinator.com/item

Parameter	Position	Path	Description	CWE
document.pdf	binary	exploit.zip	A ZIP file crafted to exploit WinRAR's handling of benign files and folders leading to arbitrary code execution.	CWE-345, CWE-351
document.pdf\script.bat	binary	exploit.zip	A ZIP file crafted to exploit WinRAR's handling of benign files and folders leading to arbitrary code execution.	CWE-345, CWE-351

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Aug 2023 17:15Current

7.9High risk

Vulners AI Score7.9

CVSS37.8

EPSS0.93902

cve-2023-38831 rarlab winrar arbitrary code execution zip archive security vulnerability