CVE-2024-36052
published 2024-05-21CVE-2024-36052: RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
EPSS
0.75%
50.2th percentile
RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rarlab | winrar | < 7.00 | 7.00 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
vendor_oracle7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Oracle
Oracle Oracle Fusion Middleware Risk Matrix: DC-Specific Component (unrar) — CVE-2024-36052
vendor_oracle·2024-10-15·CVSS 7.5
CVE-2024-36052 [HIGH] Oracle Oracle Fusion Middleware Risk Matrix: DC-Specific Component (unrar) — CVE-2024-36052
Oracle Oracle Fusion Middleware Risk Matrix: DC-Specific Component (unrar) vulnerability
CVE: CVE-2024-36052
CVSS: 7.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuoct2024 (OCT 2024)
GHSA
GHSA-gp37-m2c5-j775: RARLAB WinRAR before 7
ghsa_unreviewed·2024-05-21·CVSS 7.1
CVE-2024-36052 [HIGH] CWE-150 GHSA-gp37-m2c5-j775: RARLAB WinRAR before 7
RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-05-21
Published