
Report Name: AA25-141A_report.txt report
Generated: 2025-05-26 03:05:39
Vulristics Vulnerability Scores
- All vulnerabilities: 5
- Urgent: 5
- Critical: 0
- High: 0
- Medium: 0
- Low: 0
Basic Vulnerability Scores
- All vulnerabilities: 5
- Critical: 3
- High: 1
- Medium: 1
- Low: 0
Products
Product Name | Prevalence | U | C | H | M | L | A | Comment |
---|---|---|---|---|---|---|---|---|
WinRAR | 0.8 | 1 | | | | | 1 | WinRAR is a trialware file archiver utility for Windows, developed by Eugene Roshal of win.rar GmbH |
Microsoft Outlook | 0.6 | 1 | | | | | 1 | Microsoft Outlook is a personal information manager software system from Microsoft, available as a part of the Microsoft 365 software suites |
Roundcube | 0.6 | 3 | | | | | 3 | Roundcube is a web-based IMAP email client |
Vulnerability Types
Vulnerability Type | Criticality | U | C | H | M | L | A |
---|---|---|---|---|---|---|---|
Remote Code Execution | 1.0 | 2 | | | | | 2 |
Code Injection | 0.97 | 1 | | | | | 1 |
Elevation of Privilege | 0.85 | 1 | | | | | 1 |
Cross Site Scripting | 0.8 | 1 | | | | | 1 |
Vulnerabilities
Urgent (5)
1. Remote Code Execution - WinRAR (CVE-2023-38831) - Urgent [942]
Description: RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
Component | Value | Weight | Comment |
---|---|---|---|
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (AttackerKB object, CISA object, cisa_kev object, cisa_kev object), AttackerKB, NVD:CISAKEV, BDU websites |
Exploit Exists | 1.0 | 17 | The existence of a publicly available exploit is mentioned on NVD, Vulners, BDU websites |
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
Vulnerable Product is Common | 0.8 | 14 | WinRAR is a trialware file archiver utility for Windows, developed by Eugene Roshal of win.rar GmbH |
CVSS Base Score | 0.8 | 10 | CVSS Base Score is 7.8. According to NVD data source |
EPSS Percentile | 1.0 | 10 | EPSS Probability is 0.9373, EPSS Percentile is 0.99838 |
2. Remote Code Execution - Roundcube (CVE-2020-12641) - Urgent [933]
Description: rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
Component | Value | Weight | Comment |
---|---|---|---|
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (AttackerKB object, cisa_kev object), AttackerKB, NVD:CISAKEV, BDU websites |
Exploit Exists | 1.0 | 17 | The existence of a publicly available exploit is mentioned on NVD:PublicExploit:github.com, BDU:PublicExploit websites |
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
Vulnerable Product is Common | 0.6 | 14 | Roundcube is a web-based IMAP email client |
CVSS Base Score | 1.0 | 10 | CVSS Base Score is 9.8. According to NVD data source |
EPSS Percentile | 1.0 | 10 | EPSS Probability is 0.80252, EPSS Percentile is 0.99053 |
3. Code Injection - Roundcube (CVE-2021-44026) - Urgent [927]
Description: Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
Component | Value | Weight | Comment |
---|---|---|---|
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (AttackerKB object, cisa_kev object), AttackerKB, NVD:CISAKEV, BDU websites |
Exploit Exists | 1.0 | 17 | The existence of a publicly available exploit is mentioned on Vulners:PublicExploit:GitHub:PENTESTTOOLSCOM:ROUNDCUBE-CVE-2021-44026 website |
Criticality of Vulnerability Type | 0.97 | 15 | Code Injection |
Vulnerable Product is Common | 0.6 | 14 | Roundcube is a web-based IMAP email client |
CVSS Base Score | 1.0 | 10 | CVSS Base Score is 9.8. According to NVD data source |
EPSS Percentile | 1.0 | 10 | EPSS Probability is 0.71898, EPSS Percentile is 0.9864 |
4. Elevation of Privilege - Microsoft Outlook (CVE-2023-23397) - Urgent [906]
Description: Microsoft Outlook Elevation of Privilege Vulnerability
Component | Value | Weight | Comment |
---|---|---|---|
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (AttackerKB object, cisa_kev object), AttackerKB, Microsoft, NVD:CISAKEV, BDU websites |
Exploit Exists | 1.0 | 17 | The existence of a publicly available exploit is mentioned on Vulners, BDU websites |
Criticality of Vulnerability Type | 0.85 | 15 | Elevation of Privilege |
Vulnerable Product is Common | 0.6 | 14 | Microsoft Outlook is a personal information manager software system from Microsoft, available as a part of the Microsoft 365 software suites |
CVSS Base Score | 1.0 | 10 | CVSS Base Score is 9.8. According to Microsoft data source |
EPSS Percentile | 1.0 | 10 | EPSS Probability is 0.93765, EPSS Percentile is 0.99845 |
5. Cross Site Scripting - Roundcube (CVE-2020-35730) - Urgent [850]
Description: An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.
Component | Value | Weight | Comment |
---|---|---|---|
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (AttackerKB object, cisa_kev object), AttackerKB, NVD:CISAKEV, BDU websites |
Exploit Exists | 1.0 | 17 | The existence of a publicly available exploit is mentioned on Vulners:PublicExploit:GitHub:PENTESTTOOLSCOM:ROUNDCUBE-CVE-2021-44026 website |
Criticality of Vulnerability Type | 0.8 | 15 | Cross Site Scripting |
Vulnerable Product is Common | 0.6 | 14 | Roundcube is a web-based IMAP email client |
CVSS Base Score | 0.6 | 10 | CVSS Base Score is 6.1. According to NVD data source |
EPSS Percentile | 1.0 | 10 | EPSS Probability is 0.58828, EPSS Percentile is 0.98069 |
Critical (0)
High (0)
Medium (0)
Low (0)
Exploitation in the wild detected (5)
Remote Code Execution (2)
Code Injection (1)
Elevation of Privilege (1)
Cross Site Scripting (1)
Public exploit exists, but exploitation in the wild is NOT detected (0)
Other Vulnerabilities (0)