CVE-2025-8088— Path traversal vulnerability in WinRAR
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-8088
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path traversal vulnerability in WinRAR
Source: NVD (National Vulnerability Database)
Vulnerability Description
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
路径遍历:’…/…//’
Source: NVD (National Vulnerability Database)
Vulnerability Title
WinRAR 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WinRAR是WinRAR公司的一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRAR存在安全漏洞,该漏洞源于路径遍历问题,可能导致任意代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| win.rar GmbH | WinRAR | 0 ~ 7.12 | - |
II. Public POCs for CVE-2025-8088
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Python tool for safe archive handling, path traversal awareness, and secure extraction. Inspired by CVE-2025-8088. | https://github.com/jordan922/CVE-2025-8088 | POC Details |
| 2 | cve-2025-8088_detection | https://github.com/travisbgreen/cve-2025-8088 | POC Details |
| 3 | WinRAR 0day CVE-2025-8088 PoC RAR Archive | https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR | POC Details |
| 4 | CVE-2025-8088 WinRAR Proof of Concept (PoC-Exploit) | https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit- | POC Details |
| 5 | Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088 | https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool | POC Details |
| 6 | None | https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC | POC Details |
| 7 | Exploit systems using older WinRAR | https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document | POC Details |
| 8 | Proof-of-Concept for CVE-2025-8088 vulnerability in WinRAR (path traversal via ADS) | https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC | POC Details |
| 9 | None | https://github.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui | POC Details |
| 10 | 🚀 Demonstrate the WinRAR CVE-2025-8088 exploit with a PoC RAR archive that installs a VBScript on startup, showcasing its impact on vulnerable systems. | https://github.com/amel-62/WinRAR-CVE-2025-8088-PoC-RAR | POC Details |
| 11 | This PoC is for authorized study and testing. CVE-2025-8088 is actively exploited, and misuse may violate laws or cause harm. Update to WinRAR 7.13+ to avoid suspicious RARs. | https://github.com/ghostn4444/CVE-2025-8088 | POC Details |
| 12 | None | https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC | POC Details |
| 13 | POWERSHEL script to check if your device is affected or no | https://github.com/pescada-dev/-CVE-2025-8088 | POC Details |
| 14 | An engaging walkthrough on uncovering, patching, and securing the WinRAR CVE-2025-8088 with a hands-on hacker’s twist. | https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal | POC Details |
| 15 | Winrar CVE exploitation before 7.13 using multiple ADS streams on a single file (Custom PDF implementation) | https://github.com/pentestfunctions/best-CVE-2025-8088 | POC Details |
| 16 | None | https://github.com/nyra-workspace/CVE-2025-8088 | POC Details |
| 17 | A high-performance, memory-safe implementation of the WinRAR CVE-2025-8088 exploit tool, rewritten in Rust for better reliability and performance. | https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition | POC Details |
| 18 | None | https://github.com/walidpyh/CVE-2025-8088 | POC Details |
| 19 | None | https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool | POC Details |
| 20 | WinRAR CVE-2025-8088 exploit tool | https://github.com/cozythrill/CVE-2025-8088 | POC Details |
| 21 | CVE-2025-8088 path traversal tool | https://github.com/tartalu/CVE-2025-8088 | POC Details |
| 22 | A proof-of-concept exploit for WinRAR vulnerability (CVE-2025-8088) affecting versions 7.12 and lower. This tool creates a malicious RAR archive that embeds payloads in Alternate Data Streams (ADS) with path traversal, potentially leading to arbitrary code execution. | https://github.com/techcorp/CVE-2025-8088-Exploit | POC Details |
| 23 | CVE-2025-8088 | https://github.com/nhattanhh/CVE-2025-8088 | POC Details |
| 24 | None | https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability | POC Details |
| 25 | WinRAR漏洞CVE-2025-8088的payload一键生成工具 | https://github.com/hbesljx/CVE-2025-8088-EXP | POC Details |
| 26 | CVE-2025-8088 path traversal tool | https://github.com/Osinskitito499/CVE-2025-8088 | POC Details |
| 27 | CVE-2025-8088 path traversal tool | https://github.com/m4nbun/CVE-2025-8088 | POC Details |
| 28 | 🚨 Exploit WinRAR CVE-2025-8088 with this PoC RAR archive, demonstrating the vulnerability and its impact when executed on the affected software. | https://github.com/pablo388/WinRAR-CVE-2025-8088-PoC-RAR | POC Details |
| 29 | CVE-2025-8088 exploit C++ impl | https://github.com/lucyna77/winrar-exploit | POC Details |
| 30 | CVE-2025-8088 based path traversal tool | https://github.com/kyomber/CVE-2025-8088 | POC Details |
| 31 | None | https://github.com/Fathi-MO/POC-CVE-2025-8088 | POC Details |
| 32 | CVE-2025-8088 based path traversal tool | https://github.com/haspread/CVE-2025-8088 | POC Details |
| 33 | CVE-2025-8088 based path traversal tool | https://github.com/tookATE/CVE-2025-8088 | POC Details |
| 34 | WinRAR 0day CVE-2025-8088 PoC RAR Archive | https://github.com/Snorx-cyber/CVE-2025-8088-builder | POC Details |
| 35 | CVE-2025-8088-BUILDER | https://github.com/aldisakti2/CVE-2025-8088-BUILDER-Winrar-Tool | POC Details |
| 36 | path traversal tool based on cve-2025-8088 | https://github.com/blowrrr/cve-2025-8088 | POC Details |
| 37 | A POC exploit for WinRAR vulnerability (CVE-2025-8088) affecting versions 7.12 and lower | https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder | POC Details |
| 38 | Path traversal tool based on cve-2025-8088 vulnerability | https://github.com/kaucent/CVE-2025-8088 | POC Details |
| 39 | path traversal tool based on cve 2025 8088 vurnelability | https://github.com/mocred/cve-2025-8088 | POC Details |
| 40 | CVE-2025-8088 | https://github.com/B1ack4sh/Blackash-CVE-2025-8088 | POC Details |
| 41 | None | https://github.com/nuky-alt/CVE-2025-8088 | POC Details |
| 42 | Path traversal tool based on cve 2025 8088 | https://github.com/h4vier/cve-2025-8088 | POC Details |
| 43 | Path traversal tool based on cve-2025-8088 | https://github.com/4daysday/cve-2025-8088 | POC Details |
| 44 | CVE-2025-8088 | https://github.com/Ashwesker/Blackash-CVE-2025-8088 | POC Details |
| 45 | None | https://github.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit | POC Details |
| 46 | 🛠 Exploit CVE-2025-8088 with this Python tool to generate malicious WinRAR archives that ensure payload persistence in Windows startup folders. | https://github.com/Markusino488/cve-2025-8088 | POC Details |
| 47 | CVE 2025 8088 | https://github.com/vitalichkaa/CVE-2025-8088 | POC Details |
| 48 | Defensive PowerShell tool for static inspection of RAR archives and detection of CVE-2025-8088 path traversal anomalies. | https://github.com/ilhamrzr/RAR-Anomaly-Inspector | POC Details |
| 49 | None | https://github.com/Ismael-20223/CVE-2025-8088 | POC Details |
| 50 | Herramienta avanzada de explotación transversal de ruta de WinRAR para CVE-2025-8088 | https://github.com/undefined-name12/CVE-2025-8088-Winrar | POC Details |
| 51 | None | https://github.com/IsmaelCosma/CVE-2025-8088 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-8088
请登录查看更多情报信息。
IV. Related Vulnerabilities
V. Comments for CVE-2025-8088
No comments yet