CVE-2024-30370

Name of the Vulnerable Software and Affected Versions WinRAR (affected versions not specified)

Description This issue allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of WinRAR. User interaction is required to exploit this issue, where the target must perform a specific action on a malicious page. The flaw exists within the archive extraction functionality, where a crafted archive entry can cause the creation of an arbitrary file without the Mark-Of-The-Web. An attacker can leverage this in conjunction with other issues to execute arbitrary code in the context of the current user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.