Submit #24625: CVE-2021-35052 - Remote Code Execution in WinRAR
| Title | CVE-2021-35052 - Remote Code Execution in WinRAR |
|---|---|
| Description | A remote code execution vulnerability existed in an old and free trial version of WinRAR, according to infosec firm Positive Technologies. While a vuln in version 5.7 of WinRAR may not seem like an immediate threat given that version was first released two years ago and has been superseded since, simple shareware/free-to-use software has a habit of being used long after its due date. The vuln, tracked as CVE-2021-35052, has since been patched. Users should check their installed versions of WinRAR and update if it isn't v 6.02 or later, though the practicality of the attack seems limited unless your device or network is first compromised by other means. WinRAR offers users a free trial licence before gently nagging users to buy a licence. Its most closely associated file compression format, the .rar archive, is not opened by Windows Explorer – so WinRAR is popular among those who have to work with the format, or those who simply had to download a .rar archive once and needed a utility to open it. Source: https://www.cert-bund.de/advisoryshort/CB-K21-1110 https://swarm.ptsecurity.com/winrars-vulnerable-trialware-when-free-software-isnt-free/ https://www.win-rar.com/whatsnew.html?&L=0 https://www.cybersecurity-help.cz/vdb/SB2021102208 https://www.theregister.com/2021/10/21/winrar_rce_vuln_positive_technologies/ |
| Source | ⚠️ https:/ |
| User | CSieberg (UID 13359) |
| Submission | 11/23/2021 09:33 (5 years ago) |
| Moderation | 11/23/2021 09:45 (12 minutes later) |
| Status | Accepted |
| VulDB entry | 187135 [Rarlab WinRAR 5.7 Expiration mshtml.dll injection] |
| Points | 20 |