Main Vulnerability Database Exploits ID:2985 - Exploit for Privilege escalation in WinRAR - CVE-2018-20250

ID:2985 - Exploit for Privilege escalation in WinRAR - CVE-2018-20250

Published: June 3, 2020

Vulnerability identifier: #VU17468

Vulnerability risk: Low

CVE-ID: CVE-2018-20250

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
WinRAR

Link to public exploit:

https://github.com/eastmountyxz/CVE-2018-20250-WinRAR

Vulnerability description

The vulnerability allows a local attacker to gain elevated privileges.

The vulnerability exists due to a logical bug. A local attacker can craft the filename field of the ACE format, cause the destination folder (extraction folder) to be ignored, and the relative path in the filename field to become an absolute Path, extract a file to an arbitrary location and execute arbitrary code with elevated privileges.

Remediation

Update to version 5.70 Beta 1.

ID:2985 - Exploit for Privilege escalation in WinRAR - CVE-2018-20250

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human