CVE-2025-8088— WinRAR 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2025-8088の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Path traversal vulnerability in WinRAR
ソース: NVD (National Vulnerability Database)
脆弱性説明
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
路径遍历:’…/…//’
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
WinRAR 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
WinRAR是WinRAR公司的一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRAR存在安全漏洞,该漏洞源于路径遍历问题,可能导致任意代码执行。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| win.rar GmbH | WinRAR | 0 ~ 7.12 | - |
II. CVE-2025-8088の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|---|---|---|
| 1 | Python tool for safe archive handling, path traversal awareness, and secure extraction. Inspired by CVE-2025-8088. | https://github.com/jordan922/CVE-2025-8088 | POC詳細 |
| 2 | cve-2025-8088_detection | https://github.com/travisbgreen/cve-2025-8088 | POC詳細 |
| 3 | WinRAR 0day CVE-2025-8088 PoC RAR Archive | https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR | POC詳細 |
| 4 | CVE-2025-8088 WinRAR Proof of Concept (PoC-Exploit) | https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit- | POC詳細 |
| 5 | Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088 | https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool | POC詳細 |
| 6 | None | https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC | POC詳細 |
| 7 | Exploit systems using older WinRAR | https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document | POC詳細 |
| 8 | Proof-of-Concept for CVE-2025-8088 vulnerability in WinRAR (path traversal via ADS) | https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC | POC詳細 |
| 9 | None | https://github.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui | POC詳細 |
| 10 | 🚀 Demonstrate the WinRAR CVE-2025-8088 exploit with a PoC RAR archive that installs a VBScript on startup, showcasing its impact on vulnerable systems. | https://github.com/amel-62/WinRAR-CVE-2025-8088-PoC-RAR | POC詳細 |
| 11 | This PoC is for authorized study and testing. CVE-2025-8088 is actively exploited, and misuse may violate laws or cause harm. Update to WinRAR 7.13+ to avoid suspicious RARs. | https://github.com/ghostn4444/CVE-2025-8088 | POC詳細 |
| 12 | None | https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC | POC詳細 |
| 13 | POWERSHEL script to check if your device is affected or no | https://github.com/pescada-dev/-CVE-2025-8088 | POC詳細 |
| 14 | An engaging walkthrough on uncovering, patching, and securing the WinRAR CVE-2025-8088 with a hands-on hacker’s twist. | https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal | POC詳細 |
| 15 | Winrar CVE exploitation before 7.13 using multiple ADS streams on a single file (Custom PDF implementation) | https://github.com/pentestfunctions/best-CVE-2025-8088 | POC詳細 |
| 16 | None | https://github.com/nyra-workspace/CVE-2025-8088 | POC詳細 |
| 17 | A high-performance, memory-safe implementation of the WinRAR CVE-2025-8088 exploit tool, rewritten in Rust for better reliability and performance. | https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition | POC詳細 |
| 18 | None | https://github.com/walidpyh/CVE-2025-8088 | POC詳細 |
| 19 | None | https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool | POC詳細 |
| 20 | WinRAR CVE-2025-8088 exploit tool | https://github.com/cozythrill/CVE-2025-8088 | POC詳細 |
| 21 | CVE-2025-8088 path traversal tool | https://github.com/tartalu/CVE-2025-8088 | POC詳細 |
| 22 | A proof-of-concept exploit for WinRAR vulnerability (CVE-2025-8088) affecting versions 7.12 and lower. This tool creates a malicious RAR archive that embeds payloads in Alternate Data Streams (ADS) with path traversal, potentially leading to arbitrary code execution. | https://github.com/techcorp/CVE-2025-8088-Exploit | POC詳細 |
| 23 | CVE-2025-8088 | https://github.com/nhattanhh/CVE-2025-8088 | POC詳細 |
| 24 | None | https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability | POC詳細 |
| 25 | WinRAR漏洞CVE-2025-8088的payload一键生成工具 | https://github.com/hbesljx/CVE-2025-8088-EXP | POC詳細 |
| 26 | CVE-2025-8088 path traversal tool | https://github.com/Osinskitito499/CVE-2025-8088 | POC詳細 |
| 27 | CVE-2025-8088 path traversal tool | https://github.com/m4nbun/CVE-2025-8088 | POC詳細 |
| 28 | 🚨 Exploit WinRAR CVE-2025-8088 with this PoC RAR archive, demonstrating the vulnerability and its impact when executed on the affected software. | https://github.com/pablo388/WinRAR-CVE-2025-8088-PoC-RAR | POC詳細 |
| 29 | CVE-2025-8088 exploit C++ impl | https://github.com/lucyna77/winrar-exploit | POC詳細 |
| 30 | CVE-2025-8088 based path traversal tool | https://github.com/kyomber/CVE-2025-8088 | POC詳細 |
| 31 | None | https://github.com/Fathi-MO/POC-CVE-2025-8088 | POC詳細 |
| 32 | CVE-2025-8088 based path traversal tool | https://github.com/haspread/CVE-2025-8088 | POC詳細 |
| 33 | CVE-2025-8088 based path traversal tool | https://github.com/tookATE/CVE-2025-8088 | POC詳細 |
| 34 | WinRAR 0day CVE-2025-8088 PoC RAR Archive | https://github.com/Snorx-cyber/CVE-2025-8088-builder | POC詳細 |
| 35 | CVE-2025-8088-BUILDER | https://github.com/aldisakti2/CVE-2025-8088-BUILDER-Winrar-Tool | POC詳細 |
| 36 | path traversal tool based on cve-2025-8088 | https://github.com/blowrrr/cve-2025-8088 | POC詳細 |
| 37 | A POC exploit for WinRAR vulnerability (CVE-2025-8088) affecting versions 7.12 and lower | https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder | POC詳細 |
| 38 | Path traversal tool based on cve-2025-8088 vulnerability | https://github.com/kaucent/CVE-2025-8088 | POC詳細 |
| 39 | path traversal tool based on cve 2025 8088 vurnelability | https://github.com/mocred/cve-2025-8088 | POC詳細 |
| 40 | CVE-2025-8088 | https://github.com/B1ack4sh/Blackash-CVE-2025-8088 | POC詳細 |
| 41 | None | https://github.com/nuky-alt/CVE-2025-8088 | POC詳細 |
| 42 | Path traversal tool based on cve 2025 8088 | https://github.com/h4vier/cve-2025-8088 | POC詳細 |
| 43 | Path traversal tool based on cve-2025-8088 | https://github.com/4daysday/cve-2025-8088 | POC詳細 |
| 44 | CVE-2025-8088 | https://github.com/Ashwesker/Blackash-CVE-2025-8088 | POC詳細 |
| 45 | None | https://github.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit | POC詳細 |
| 46 | 🛠 Exploit CVE-2025-8088 with this Python tool to generate malicious WinRAR archives that ensure payload persistence in Windows startup folders. | https://github.com/Markusino488/cve-2025-8088 | POC詳細 |
| 47 | CVE 2025 8088 | https://github.com/vitalichkaa/CVE-2025-8088 | POC詳細 |
| 48 | Defensive PowerShell tool for static inspection of RAR archives and detection of CVE-2025-8088 path traversal anomalies. | https://github.com/ilhamrzr/RAR-Anomaly-Inspector | POC詳細 |
| 49 | None | https://github.com/Ismael-20223/CVE-2025-8088 | POC詳細 |
| 50 | Herramienta avanzada de explotación transversal de ruta de WinRAR para CVE-2025-8088 | https://github.com/undefined-name12/CVE-2025-8088-Winrar | POC詳細 |
| 51 | None | https://github.com/IsmaelCosma/CVE-2025-8088 | POC詳細 |
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2025-8088のインテリジェンス情報
请登录查看更多情报信息。
IV. 関連脆弱性
V. CVE-2025-8088へのコメント
まだコメントはありません