This flaw impacts WinRAR versions prior to 7.13 and leverages a directory traversal bug to allow attackers to drop and execute malicious code on a target system without the victim’s knowledge.