msi files, a notification about the malicious file will be displayed with suggested actions. When running files from an SMB server, there are denylist restrictions on executable file extensions. “A successful attack requires setting up a fake Wi-Fi hotspot, hacking the router, spoofing the DNS, or just being on the same network as the victim. “In vulnerable versions of WinRAR, web requests sent by the WinRAR web notifier can be intercepted as part of an MITM (man-in-the-middle) attack, or to create a backdoor or carry out an RCE attack-execution of arbitrary files from a remote SMB server,” explains Igor Sak-Sakovsky. In such cases, the WinRAR web notifier goes to HTTPS:///. The issue was discovered in the WinRAR web notifier, which is used to display notifications after WinRAR’s first launch or expiry of the trial period. The bug was assigned the identifier CVE-2021-35052 (vendor notification, vulnerability details) and a score of 8.2 on the CVSSv3 scale, which corresponds to a high threat level.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |