Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-11001 PoC — 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability

Source
https://github.com/B1ack4sh/Blackash-CVE-2025-11001
Associated Vulnerability
Title:7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability (CVE-2025-11001)
Description:7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26753.
Description
CVE-2025-11001
Readme
# 🔥 **CVE-2025-11001: Critical 7-Zip RCE Vulnerability** 🔥

![_7-Zip RCE Vulnerability Actively Exploited by Hackers (1)](https://github.com/user-attachments/assets/7b2f6076-4c4e-480a-a519-73322c701ff6)

⚠️ **Severity**: Critical (Remote Code Execution)  
🛠️ **Affected**: 7-Zip < 25.00 (Windows + Linux p7zip)  
🧨 **Exploit Type**: Malicious ZIP → Directory Traversal + RCE  
🔗 **CWE**: CWE-22 (Path Traversal)  
🕵️‍♂️ **Public Exploit**: Yes, already circulating  
📅 **Disclosed**: October 7, 2025  

### 🎯 How It Works  
Attackers craft a booby-trapped .zip file containing `../../evil.exe` or similar paths. When you extract it with vulnerable 7-Zip → bam! Files are written anywhere on the system → instant code execution. 💥 

### 🧨 Usage:

```
python3 CVE-2025-11001.py -t "C:\Users\pac\Desktop" -o demo.zip --data-file calc.exe
```

### 🖥️ Affected Platforms (as of Nov 2025)  
| Platform       | Status                  | Emoji Verdict      |
|----------------|-------------------------|--------------------|
| Windows 7-Zip  | < 25.00 → Vulnerable    | ❌ Patch NOW!      |
| Debian p7zip   | Still unpatched         | 😱 Danger zone     |
| Ubuntu         | Partial fixes           | ⚠️ Update ASAP     |
| 7-Zip ≥ 25.00  | Fixed                   | ✅ Safe            |

### 🛡️ Immediate Fix  
🚀 **Download 7-Zip 25.00+** → https://github.com/ip7z/7zip/releases/tag/25.00  
🔍 Scan with Nessus (plugin 270234)  
🏖️ Extract unknown ZIPs only in sandbox  

Don’t be the next victim — patch today and stay safe out there! 🛡️✨
File Snapshot

 [4.0K]  /data/pocs/a89fcb97478c8e4c93a32370eca514d3dd041b74
├── [2.3K]  CVE-2025-11001.py
└── [1.6K]  README.md

1 directory, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →