SOURCE: otx.alienvault.com | Created: 2 years ago | Updated: 2 months ago
CVE Overview: In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
REF URL: https://otx.alienvault.com/indicator/cve/CVE-2018-20250
Discover more from bouncethebox
Subscribe to get the latest posts sent to your email.