This paragraph provides a concise summary of the text, covering key points without using lists or code. The vulnerability in unrar allows an attacker to execute arbitrary code on a vulnerable Zimbra instance by exploiting a path traversal bug in the unrar utility. This vulnerability can lead to pre-authenticated remote code execution (RCE) and is particularly concerning because it affects software that extracts RAR archives, such as Zimbra's spam checking and virus scanning services. The patch for this issue has been released by RarLab, and Zimbra has taken steps to mitigate the risk by configuring Amavis to use 7z instead of unrar to extract incoming RAR attachments.