CVE-2018-20250
Severity: HIGH | CISA KEV | CVSS 7.8
Description
In WinRAR versions prior to and including 5.61, there is a path traversal vulnerability in the handling of the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored and the filename is treated as an absolute path.
CVE Details
CVSS v3.1 Score: 7.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: LOCAL
Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Published: 2/5/2019
Last Modified: 10/31/2025
Source: kev
Honeypot Sightings: 0
CISA KEV
Vendor: RARLAB
Product: WinRAR
Vulnerability Name: WinRAR Absolute Path Traversal Vulnerability
KEV Date Added: 2022-02-15
Remediation Due Date: 2022-08-15
Ransomware Use: Known
Affected Products
rarlab:winrar
Weaknesses (CWE)
CWE-36, CWE-22
References
http://packetstormsecurity.com/files/152618/RARLAB-WinRAR-ACE-Format-Input-Validation-Remote-Code-Execution.html (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
http://www.rapid7.com/db/modules/exploit/windows/fileformat/winrar_ace (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/106948 (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
https://github.com/blau72/CVE-2018-20250-WinRAR-ACE (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
https://research.checkpoint.com/extracting-code-execution-from-winrar/ (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/46552/ (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/46756/ (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
https://www.win-rar.com/whatsnew.html (cve@checkpoint.com; af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-20250 (134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.