CVE-2025-8088
Path traversal vulnerability in WinRAR
In short
WinRAR on Windows has a flaw that lets attackers run malicious code by creating specially crafted archive files. When you open these files, the attacker's code can execute on your computer.
Technical detail
A path traversal vulnerability in WinRAR's Windows implementation allows remote code execution through maliciously crafted archive files. The vulnerability exploits insufficient path validation during file extraction, enabling attackers to write and execute arbitrary code; this has been actively exploited in the wild.
Summary generated and translated by AI from the official description.
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
from ESET.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
win.rar GmbH · WinRARpublic PoCs found — 29
githubgithub.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-★ 71githubgithub.com/onlytoxi/CVE-2025-8088-Winrar-Tool★ 56githubgithub.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR★ 46githubgithub.com/hexsecteam/CVE-2025-8088-Winrar-Tool★ 40githubgithub.com/pentestfunctions/CVE-2025-8088-Multi-Document★ 36githubgithub.com/aldisakti2/CVE-2025-8088-BUILDER-Winrar-Tool★ 28githubgithub.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal★ 12githubgithub.com/pentestfunctions/best-CVE-2025-8088★ 10githubgithub.com/jordan922/CVE-2025-8088★ 10githubgithub.com/starfallreverie/winrar-exploit★ 8githubgithub.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition★ 8githubgithub.com/lennertdefauw/CVE-2025-8088★ 5githubgithub.com/walidpyh/CVE-2025-8088★ 5githubgithub.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui★ 3githubgithub.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC★ 2githubgithub.com/travisbgreen/cve-2025-8088★ 2githubgithub.com/undefined-name12/CVE-2025-8088-Winrar★ 2githubgithub.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability★ 1githubgithub.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC★ 1githubgithub.com/pescada-dev/-CVE-2025-8088★ 1githubgithub.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC★ 1githubgithub.com/ilhamrzr/RAR-Anomaly-Inspector★ 1githubgithub.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit★ 0githubgithub.com/nhattanhh/CVE-2025-8088★ 0githubgithub.com/IsmaelCosma/CVE-2025-8088★ 0githubgithub.com/techcorp/CVE-2025-8088-Exploit★ 0githubgithub.com/ghostn4444/CVE-2025-8088★ 0githubgithub.com/shaheeryasirofficial/CVE-2025-8088★ 0githubgithub.com/hbesljx/CVE-2025-8088-EXP★ 0⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://arstechnica.com/security/2025/08/high-severity-winrar-0-day-exploited-for-weeks-by-2-groups/https://support.dtsearch.com/faq/dts0245.htmhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-8088https://www.vicarius.io/vsociety/posts/cve-2025-8088-detect-winrar-zero-dayhttps://www.vicarius.io/vsociety/posts/cve-2025-8088-mitigate-winrar-zero-day-using-srp-and-ifeohttps://www.welivesecurity.com/en/eset-research/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability/#the-discovery-of-cve-2025-8088https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5