PT-2025-32352 · Rarlab+1 · Winrar
Anton Cherepanov
+2
·
Published
2025-07-30
·
Updated
2026-06-29
·
CVE-2025-8088
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WinRAR versions prior to 7.13
Description
A path traversal vulnerability in the Windows version of WinRAR allows attackers to execute arbitrary code by crafting malicious archive files. The issue stems from improper restriction of directory path names, enabling the extraction process to escape the target directory and write files into restricted system folders, such as the Startup folder. This allows for the automatic execution of malicious code in the context of the current user. This flaw has been exploited in the wild by various APT groups, including Amaranth-Dragon and Gamaredon, to target government and military networks for cyber-espionage.
Recommendations
Update WinRAR to version 7.13 or newer.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Winrar