dEEpEst Posted August 20, 2023 Share Posted August 20, 2023 Description The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to improper validation of array index when processing recovery volumes. A remote attacker can trick the victim to open a specially crafted archive and execute arbitrary code on the system. Mitigation This is the hidden content, please Sign In or Sign Up Vulnerable software versions WinRAR: 6.00 - 6.23 beta 1 This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
icebreaker666 Posted August 24, 2023 Share Posted August 24, 2023 how to give reaction? Link to comment Share on other sites More sharing options...
dEEpEst Posted August 24, 2023 Author Share Posted August 24, 2023 hace 4 horas, icebreaker666 dijo: how to give reaction? Link to comment Share on other sites More sharing options...
dEEpEst Posted August 27, 2023 Author Share Posted August 27, 2023 CVE-2023-38831 winrar exploit generator Generate the default poc for test This is the hidden content, please Sign In or Sign Up Custom Place the bait file and (evil) script file in the current directory, the bait file is recommended to be an image (.png, jpg) or a document (.pdf) Run This is the hidden content, please Sign In or Sign Up to generate your exploit Screenshots Infected version: winrar <= 6.22 Download This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts