Lucene search
+L

50 matches found

redhatcve
redhatcve
added 2025/05/23 2:20 a.m.11 views

CVE-2023-38831

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file such as an ordinary .JPG file and also a folder that has the same name as the benign file, and the...

7.8CVSS8AI score0.97798EPSS
Exploits49References1
githubexploit
githubexploit
added 2024/12/03 11:13 a.m.269 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 Exploit Proof-of-Concept Overview This rep...

7.8CVSS7AI score0.97798EPSS
Exploits49
githubexploit
githubexploit
added 2024/11/11 2:25 p.m.275 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

Description Name : CVE-2023-38831 CVSS Score : 7.8...

7.8CVSS6.6AI score0.97798EPSS
Exploits49
githubexploit
githubexploit
added 2024/09/27 6:23 p.m.349 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 WinRAR Exploit Generator Created by: tech...

7.8CVSS7.4AI score0.97798EPSS
Exploits49
thn
thn
added 2024/09/03 1:29 p.m.55 views

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, t...

7.8CVSS8.2AI score0.97798EPSS
Exploits49
githubexploit
githubexploit
added 2024/08/30 2:48 p.m.77 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 A POC demo on CVE-2023-38831 Brief description...

7.8CVSS7.3AI score0.97798EPSS
Exploits49
thn
thn
added 2024/05/30 4:37 p.m.21 views

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to...

7.8CVSS7.6AI score0.97798EPSS
Exploits49
cisa_kev
cisa_kev
added 2024/04/30 12:0 a.m.292 views

Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability

Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web MotW feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file...

8.8CVSS7.3AI score0.45151EPSS
In wildExploits1
thn
thn
added 2024/04/23 4:23 a.m.123 views

Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware

The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said to have been used since at least June 2020 and possibly ...

9.8CVSS9.8AI score0.97798EPSS
Exploits67
githubexploit
githubexploit
added 2024/04/01 3:59 p.m.380 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC This is my...

7.8CVSS6.8AI score0.97798EPSS
Exploits49
zdt
zdt
added 2024/03/29 12:0 a.m.365 views

WinRAR version 6.22 - Remote Code Execution via ZIP archive Exploit

Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...

7.8CVSS7.4AI score0.97798EPSS
Exploits49
packetstorm
packetstorm
added 2024/03/28 12:0 a.m.316 views

WinRAR 6.22 Remote Code Execution

Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...

7.8CVSS7.4AI score0.97798EPSS
Exploits49
exploitdb
exploitdb
added 2024/03/28 12:0 a.m.335 views

WinRAR version 6.22 - Remote Code Execution via ZIP archive

Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...

7.8CVSS8.2AI score0.97798EPSS
Exploits49
thn
thn
added 2024/02/02 2:49 p.m.94 views

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Russian state-sponsored actors have staged NT LAN Manager NTLM v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing...

9.8CVSS8.5AI score0.97798EPSS
Exploits67
githubexploit
githubexploit
added 2023/12/26 1:36 a.m.475 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

winDED Custom exploit for CVE-2023-38831 using python. Int...

7.8CVSS7.5AI score0.97798EPSS
Exploits49
thn
thn
added 2023/12/22 7:46 a.m.76 views

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware

The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. "The threat actor targets Ukrainian employees working for companies outside of Ukraine,"...

7.8CVSS7.8AI score0.97798EPSS
Exploits49
githubexploit
githubexploit
added 2023/12/04 11:13 a.m.382 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831-POC Proof-of-conc...

7.8CVSS6.8AI score0.97798EPSS
Exploits49
thn
thn
added 2023/11/16 1:51 p.m.95 views

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw

A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat APT. Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light i...

7.8CVSS8.7AI score0.97798EPSS
Exploits49
trellix
trellix
added 2023/11/09 12:0 a.m.90 views

CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability

CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability By Neeraj Kumar Singh · November 09, 2023 Executive Summary In August 2023, WinRAR released a security patch to address a remote code execution vulnerability in WinRAR's ZIP archive. The vulnerability, known as...

8.5AI score0.97798EPSS
Exploits50
thn
thn
added 2023/11/07 8:59 a.m.79 views

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE describe...

7.8CVSS7.5AI score0.97798EPSS
Exploits49
Rows per page
Query Builder