5/31/2023 0 Comments Online unrar![]() ![]() This also includes Zimbra collaboration suite, wherein the vulnerability could lead to pre-authenticated remote code execution on a vulnerable instance, giving the attacker complete access to an email server and even abuse it to access or overwrite other internal resources within the organization's network. It's worth pointing out that any software that utilizes an unpatched version of UnRAR to extract untrusted archives is affected by the flaw. "If they can write to a known location, they are likely to be able to leverage it in a way leading to the execution of arbitrary commands on the system." "An attacker is able to create files outside of the target extraction directory when an application or victim user extracts an untrusted archive," SonarSource researcher Simon Scannell said in a Tuesday report.
0 Comments
Leave a Reply. |