CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

By Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a

Related tags
August 10^th 2022 at 06:59

The Hacker News
New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers
June 29^th 2022 at 09:29

New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers

By Ravie Lakshmanan

A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive.

Related tags
June 29^th 2022 at 09:29