CVE-2023-38831

CVSS 7.8 HIGH · EPSS 97.8% · KEV · CWE-351
In summary

WinRAR versions before 6.23 have a flaw where opening a seemingly harmless file (such as a photo) inside a ZIP can execute malicious code hidden in a folder with the same name. This vulnerability was actively exploited by attackers in 2023.

Technical detail

A path traversal vulnerability in WinRAR's ZIP extraction logic allows arbitrary code execution when a user attempts to view a harmless file that shares its name with a malicious folder inside the archive. The vulnerability exploits the improper handling of files and directories with the same name during extraction, allowing attackers to execute arbitrary code with the user's privileges. This CVE was actively exploited between April and October 2023.

Summary generated and translated by AI from the official description.
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
Public PoCs found: 59
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
