CVE-2023-38831 - RARLAB WinRAR Code Execution Vulnerability
项目:RARLAB
产品:WinRAR
添加日期:2023-08-24到期日:2023-09-14最后更新:June 21, 2025
漏洞名称
RARLAB WinRAR Code Execution Vulnerability
描述
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.
已知用于勒索软件活动吗?
Known
采集行动
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
其他说明
http://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa
https://nvd.nist.gov/vuln/detail/CVE-2023-38831
相关新闻文章
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt StrikeMay 14, 2026
WinRAR Zero-Day Under Active Exploitation – Update to Latest Version ImmediatelyAugust 11, 2025
CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons LuresAugust 6, 2025
Russian hackers breach orgs to track aid routes to UkraineMay 21, 2025
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid LogisticsMay 21, 2025