A high-severity flaw in versions ≤ 7.12 that uses Alternate Data Streams (ADS) to write files to arbitrary locations.
Path Traversal / Remote Code Execution (RCE) Primary CVEs: Doc Exploit.rar
Attackers craft an archive containing files with relative paths (e.g., ..\..\..\Startup\payload.exe ) or hidden ADS entries. When a user extracts the archive, WinRAR fails to sanitize these paths, placing the malicious payload into unintended folders like the Windows Startup directory. 2. Threat Actor Activity A high-severity flaw in versions ≤ 7