RARLAB Patches RCE in UnRAR
August 10, 2022
RARLAB, the company that also develops WinRAR, has patched a remote code execution vulnerability in UnRAR (the Unix/Linux version of WinRAR).
When a program or a victim user extracts an untrusted archive, the attacker can create files outside the target extraction directory and, through those files, execute arbitrary commands on the system.
The Vulnerability
- CVE-2022-30333 (CVSS 3.1: 7.5, High Severity) – the vulnerability allows directory traversal to write to files during an extract (aka unpack) process, as seen by the creation of a ~/.ssh/authorized_keys file, and may lead to arbitrary code execution.
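As an added example, not code from the RARLAB advisory or from CYREBRO, the following lexical pre-extraction check flags archive entries whose name or symlink target would resolve outside the destination directory, which is the class of write the CVE describes. The entry listing is constructed for the example; backslashes are treated as path separators because RAR archives created on Windows use them, and the check only inspects a listing, so it complements rather than replaces updating UnRAR.

```python
import posixpath

# Constructed sample listing: (path inside the archive, symlink target or None).
# Made up for this example; it does not describe a real archive.
SAMPLE_ENTRIES = [
    ("docs/readme.txt", None),
    ("docs/link", "../../.ssh/authorized_keys"),  # symlink pointing outside dest
    ("..\\..\\.ssh\\authorized_keys", None),      # backslash traversal in the name
    ("/etc/cron.d/job", None),                    # absolute path
    ("docs/inner", "../readme.txt"),              # symlink that stays inside dest
]


def _normalize(path: str) -> str:
    # Treat backslashes as separators before normalizing, so that a name
    # written with Windows separators cannot slip past a forward-slash-only check.
    return posixpath.normpath(path.replace("\\", "/"))


def _inside(dest: str, candidate: str) -> bool:
    # Purely lexical containment: candidate must be dest itself or a path below it.
    return candidate == dest or candidate.startswith(dest + "/")


def unsafe_entries(dest: str, entries) -> list:
    """Return the names of entries that would write, or point, outside dest."""
    dest = posixpath.normpath(dest)
    bad = []
    for name, link_target in entries:
        norm = _normalize(name)
        path = posixpath.normpath(posixpath.join(dest, norm))
        if posixpath.isabs(norm) or not _inside(dest, path):
            bad.append(name)
            continue
        if link_target is not None:
            # Resolve the link target relative to the directory the link lives in.
            link_dir = posixpath.dirname(path)
            resolved = posixpath.normpath(posixpath.join(link_dir, _normalize(link_target)))
            if not _inside(dest, resolved):
                bad.append(name)
    return bad


if __name__ == "__main__":
    for entry in unsafe_entries("/tmp/out", SAMPLE_ENTRIES):
        print("refusing to extract:", entry)
```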
Affected Products
- RARLAB UnRAR before 6.12 on Linux and UNIX
Mitigation
CYREBRO recommends that UnRAR users update to version 6.12.
References: RARLAB Advisory