← Volver a CVEs

CVE-2025-6218

N/ACISA KEV

Descripcion

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado6/21/2025

Ultima modificacion12/10/2025

Fuentekev

Avistamientos honeypot0

CISA KEV

VendedorRARLAB

ProductoWinRAR

Nombre vulnerabilidadRARLAB WinRAR Path Traversal Vulnerability

Fecha inclusion KEV2025-12-09

Fecha limite remediacion2025-12-30

Uso en ransomwareUnknown

Productos afectados

microsoft:windowsrarlab:winrar

Debilidades (CWE)

CWE-22

Referencias

https://www.win-rar.com/singlenewsview.html?&tx_ttnews%5Btt_news%5D=276&cHash=388885bd3908a40726f535c026f94eb6(zdi-disclosures@trendmicro.com)

https://www.zerodayinitiative.com/advisories/ZDI-25-409/(zdi-disclosures@trendmicro.com)

https://foresiet.com/blog/apt-c-08-winrar-directory-traversal-exploit/(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6218(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.secpod.com/blog/archive-terror-dissecting-the-winrar-cve-2025-6218-exploit-apt-c-08s-stealth-move/(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.