Positive Technologies disclosed this vulnerability and in their technical writeup they detail that "This vulnerability allows an attacker to intercept and modify requests sent to the user of the application,". Tracked as CVE-2021-35052, this issue currently affects version 5.70 and older but has only been fixed very recently in Winrar version 6.02. 2 years ago, WinRAR also made headlines when a 19-year old vulnerability was disclosed which impacted the very large userbase of the never-ending trial software. This time the vulnerability could lead to attackers being able to execute arbitrary code on machines with vulnerable versions. Winrar, one of the most popular data compression and archiving tools has been found to have another vulnerability in it.
0 Comments
Leave a Reply. |