This exploit leverages a WinRAR SFX OLE command execution vulnerability by generating malicious HTML/JavaScript code that triggers a calculator popup when embedded in a WinRAR SFX archive. It uses VBScript to execute shell commands via OLE automation.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:WinRAR 5.21
No auth needed
Prerequisites:WinRAR 5.21 installed on Windows XP SP3 · Victim must open the malicious SFX archive