CVE-2018-20251Protection Mechanism Failure in Winrar

CWE-693Protection Mechanism FailureCWE-22Path Traversal3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.5%
top 32.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Rarlab WinrarCheck Point Software Technologies LTD Winrar
Timeline
PublishedFeb 5
Latest updateMay 13

Description

In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. The UNACE module (UNACEV2.dll) creates files and folders as written in the filename field even when WinRAR validator noticed the traversal attempt and requestd to abort the extraction process. the operation is cancelled only after the folders and files were created but prior to them being written, therefore allowing the attacker to create empty files and folde

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDrarlab/winrar5.61
CVEListV5check_point_software_technologies_ltd/winrarAll versions prior and including 5.61

🔴Vulnerability Details

2
GHSA
GHSA-9p46-rmhc-6xcf: In WinRAR versions prior to and including 52022-05-13
CVEList
CVE-2018-20251: In WinRAR versions prior to and including 52019-02-05
CVE-2018-20251 — Protection Mechanism Failure in Winrar | cvebase