CVE-2018-20251: Path Traversal
First published: Tue Feb 05 2019(Updated: )
In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. The UNACE module (UNACEV2.dll) creates files and folders as written in the filename field even when WinRAR validator noticed the traversal attempt and requestd to abort the extraction process. the operation is cancelled only after the folders and files were created but prior to them being written, therefore allowing the attacker to create empty files and folders everywhere in the file system.
Credit: cve@checkpoint.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RARLAB WinRAR | <=5.61 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-20251?
CVE-2018-20251 is a path traversal vulnerability in WinRAR versions prior to and including 5.61.
How can the CVE-2018-20251 vulnerability be exploited?
The CVE-2018-20251 vulnerability can be exploited by crafting the filename field of the ACE format in WinRAR versions prior to and including 5.61.
What is the severity of the CVE-2018-20251 vulnerability?
The severity of the CVE-2018-20251 vulnerability is medium with a CVSS severity score of 5.5.
Which software versions are affected by CVE-2018-20251?
CVE-2018-20251 affects WinRAR versions prior to and including 5.61.
How can I fix CVE-2018-20251?
To fix CVE-2018-20251, users should update WinRAR to version 5.70 or later.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/event
- agent/type
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/rarlab
- canonical/rarlab winrar
- version/rarlab winrar/5.61