Exploit for CVE-2024-55504

Name: Exploit for CVE-2024-55504
Rating: 5 (101 reviews)

2025-01-19 | CVSS 5.5

## https://sploitus.com/exploit?id=07C64C7A-A882-5AB1-8A47-B7BB0720B004
# CVE-2024-55504
 An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject arbitrary code potentially leading to remote control and unauthorized access to sensitive user data via the exploit_combined.dylib component on MacOS

 # Reproduce
From Terminal
```bash
DYLD_INSERT_LIBRARIES=exploit_combined.dylib /Applications/RAR\ Extractor\ -\ Unarchiver\ Pro.app/Contents/MacOS/RAR\ Extractor\ -\ Unarchiver\ Pro
```
![image](https://github.com/user-attachments/assets/50fb47d0-16ef-4992-a2ff-63187976e87b)
# Impact
Code Execution (local)

# References
https://apps.apple.com/us/app/rar-extractor-unarchiver-pro/id647505820?mt=12

https://vulners.com/cve/CVE-2024-55504

By Zaid Hamad