Monday, December 6, 2021

WinRAR’s vulnerable trialware: when free software isn’t free

Author Igor Sak-Sakovskiy Web Application Security Expert Psych0tr1a

In this article we discuss a vulnerability in the trial version of WinRAR which has significant consequences for the management of third-party software. This vulnerability allows an attacker to intercept and modify requests sent to the user of the application. This can be used to achieve Remote Code Execution (RCE) on a victim’s computer. It has been assigned the CVE ID – CVE-2021-35052.

Background

WinRAR is an application f…

Read More

Latest news
Related news