Attackers craft an archive containing files with relative paths (e.g., ..\..\..\Startup\payload.exe ) or hidden ADS entries. When a user extracts the archive, WinRAR fails to sanitize these paths, placing the malicious payload into unintended folders like the Windows Startup directory. 2. Threat Actor Activity
A directory traversal flaw in versions ≤ 7.11. Doc Exploit.rar
Path Traversal / Remote Code Execution (RCE) Primary CVEs: Attackers craft an archive containing files with relative