**Name of the Vulnerable Software and Affected Versions:**

WinRAR versions prior to 7.12

**Description:**

WinRAR contains a directory traversal vulnerability that allows remote attackers to execute arbitrary code on affected systems. User interaction is required, as the target must open a malicious archive file. The vulnerability stems from improper handling of file paths within archive files, enabling crafted paths to traverse to unintended directories, potentially including system folders like Startup. Exploitation can lead to the automatic execution of malicious code in the context of the current user. The Paper Werewolf threat group has been observed exploiting this vulnerability (CVE-2025-6218) in targeted attacks against Russian organizations. Approximately 500 million users worldwide may be affected. A proof-of-concept exploit is publicly available.

**Recommendations:**

Update WinRAR to version 7.12 or later to address this vulnerability.