cve/2023/CVE-2023-38831.md

### [CVE-2023-38831](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38831)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.

### POC

#### Reference
- http://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html
- https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/

#### Github
- https://github.com/0xMarcio/cve
- https://github.com/80r1ng/CVE-2023-38831-EXP
- https://github.com/Ahmed1Al/CVE-2023-38831-winrar-exploit
- https://github.com/AskarKasimov/1337Rpwn4
- https://github.com/Awrrays/Pentest-Tips
- https://github.com/BeniB3astt/CVE-2023-38831_ReverseShell_Winrar
- https://github.com/BeniBeastt/CVE-2023-38831_ReverseShell_Winrar
- https://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
- https://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploit
- https://github.com/FlyingPeg/Redteam_Havoc_C2_Framework_Report
- https://github.com/GOTonyGO/CVE-2023-38831-winrar
- https://github.com/Garck3h/cve-2023-38831
- https://github.com/GhostTroops/TOP
- https://github.com/Ghostasky/ALLStarRepo
- https://github.com/HACK-THE-WORLD/DailyMorningReading
- https://github.com/HDCE-inc/CVE-2023-38831
- https://github.com/IMHarman/CVE-2023-38831
- https://github.com/IR-HuntGuardians/CVE-2023-38831-HUNT
- https://github.com/K3rnel-Dev/WinrarExploit
- https://github.com/Kreedman05/nto_4fun_2024
- https://github.com/Maalfer/CVE-2023-38831_ReverseShell_Winrar-RCE
- https://github.com/Malwareman007/CVE-2023-38831
- https://github.com/Marco-zcl/POC
- https://github.com/Mich-ele/CVE-2023-38831-winrar
- https://github.com/MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POC
- https://github.com/MortySecurity/CVE-2023-38831-Exploit-and-Detection
- https://github.com/MyStuffYT/CVE-2023-38831-POC
- https://github.com/Nielk74/CVE-2023-38831
- https://github.com/NinVoido/nto2024-p7d-writeups
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PascalAsch/CVE-2023-38831-KQL
- https://github.com/PudgyDragon/IOCs
- https://github.com/RomainBayle08/CVE-2023-38831
- https://github.com/SpamixOfficial/CVE-2023-38831
- https://github.com/Sploitus/CVE-2024-29988-exploit
- https://github.com/SugiB3o/Keylog_CVE2023-38831
- https://github.com/T0ngMystic/Vulnerability_List
- https://github.com/Threekiii/CVE
- https://github.com/ZonghaoLi777/githubTrending
- https://github.com/ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-Poc
- https://github.com/akhomlyuk/cve-2023-38831
- https://github.com/ameerpornillos/CVE-2023-38831-WinRAR-Exploit
- https://github.com/an040702/CVE-2023-38831
- https://github.com/aneasystone/github-trending
- https://github.com/asepsaepdin/CVE-2023-38831
- https://github.com/b1tg/CVE-2023-38831-winrar-exploit
- https://github.com/b1tg/b1tg
- https://github.com/c0mrade12211/Pentests
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/deepinstinct/UAC-0099-Targeting_UA
- https://github.com/delivr-to/detections
- https://github.com/elefantesagradodeluzinfinita/cve-2023-38831
- https://github.com/elefantesagradodeluzinfinita/elefantesagradodeluzinfinita
- https://github.com/h3xecute/SideCopy-Exploits-CVE-2023-38831
- https://github.com/hktalent/TOP
- https://github.com/ignis-sec/CVE-2023-38831-RaRCE
- https://github.com/johe123qwe/github-trending
- https://github.com/kehrijksen/CVE-2023-38831
- https://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
- https://github.com/kun-g/Scraping-Github-trending
- https://github.com/macarell228/nto2024
- https://github.com/malvika-thakur/CVE-2023-38831
- https://github.com/mkonate19/POC-WINRAR
- https://github.com/my-elliot/CVE-2023-38831-winrar-expoit-simple-Poc
- https://github.com/nhman-python/CVE-2023-38831
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/r1yaz/r1yaz
- https://github.com/r1yaz/winDED
- https://github.com/ruycr4ft/CVE-2023-38831
- https://github.com/s4m98/winrar-cve-2023-38831-poc-gen
- https://github.com/sadnansakin/Winrar_0-day_RCE_Exploitation
- https://github.com/securelayer7/CVE-Analysis
- https://github.com/sh770/CVE-2023-38831
- https://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC
- https://github.com/takinrom/nto2024-user4-report
- https://github.com/tanjiti/sec_profile
- https://github.com/tanwar29/CVE
- https://github.com/thegr1ffyn/CVE-2023-38831
- https://github.com/wjlin0/poc-doc
- https://github.com/wy876/POC
- https://github.com/xaitax/WinRAR-CVE-2023-38831
- https://github.com/xingchennb/POC-
- https://github.com/xk-mt/WinRAR-Vulnerability-recurrence-tutorial
- https://github.com/yj94/Yj_learning
- https://github.com/youmulijiang/evil-winrar
- https://github.com/z3r0sw0rd/CVE-2023-38831-PoC