AI description
CVE-2025-6218 is a directory traversal remote code execution vulnerability that affects RARLAB WinRAR. It allows remote attackers to execute arbitrary code on affected installations. Exploitation of this vulnerability requires user interaction, as the target must visit a malicious page or open a malicious file. The vulnerability lies in how WinRAR handles file paths within archive files, where a specially crafted file path can cause the process to traverse to unintended directories. By leveraging this vulnerability, an attacker can execute code within the security context of the current user.
- Description
- RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.
- Source
- zdi-disclosures@trendmicro.com
- NVD status
- Awaiting Analysis
CVSS 3.0
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- zdi-disclosures@trendmicro.com
- CWE-22
- Hype score
- Not currently trending
WinRAR users beware two critical vulnerabilities CVE-2025-6218 and CVE-2025-8088 allow attackers to write files outside intended extraction directories leading to persistent infections and remote code execution in enterprise environments. CVE-2025-6218 is a traditional
@Tudorel92659164
26 Aug 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two high-severity vulnerabilities in WinRAR (CVE-2025-6218 & CVE-2025-8088) allow attackers to exploit path traversal and NTFS ADS for stealthy persistence and RCE, with active exploitation observed by threat actors like RomCom. #CyberSecurity #WinRAR https://t.co/iux0iDWr2U
@Cyber_O51NT
26 Aug 2025
240 Impressions
1 Retweet
3 Likes
1 Bookmark
1 Reply
0 Quotes
ハッカー グループがWinRARの脆弱性をサイバー攻撃へ悪用(CVE-2025-6218) #セキュリティ対策Lab #セキュリティ #Security https://t.co/eukgpH5mCy
@securityLab_jp
25 Aug 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The https://t.co/feern4lowH Threat Intelligence team reported that the Paper Werewolf group exploited a WinRAR zero-day vulnerability, CVE-2025-6218, in targeted phishing attacks against Russian entities in July 2025. #CyberSecurity #ThreatIntel https://t.co/5DeHRWk2cb
@Cyber_O51NT
20 Aug 2025
149 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Dangerous zero-day remote code execution (RCE) vulnerability in WinRAR, tracked as CVE-2025-6218 with a CVSS score of 7.8, is now being sold on the dark web.@KeCIRT @CA_Kenya @kcsfa @CSAGhana @NSACyber @MichelleNgele_ https://t.co/Isa5F0Ku8q
@Ke_Cyber
12 Aug 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
WinRAR zero-day CVE-2025-8088 - our detections New YARA catching ADS-based path traversal in RAR archives dropping into Startup: https://t.co/cihrKr1rDi by Arnim Rupp CVE-2025-6218) detects WinRAR/Rar.exe writing into Startup. Same effect here – so it also fires. We’ll prom
@nextronresearch
11 Aug 2025
12882 Impressions
19 Retweets
46 Likes
17 Bookmarks
0 Replies
2 Quotes
#VulnerabilityReport #CompressionUtility CVE-2025-6218: WinRAR Directory Traversal Bug Opens the Door to Remote Code Execution https://t.co/baFJgkIFls
@Komodosec
30 Jul 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR CVE-2025-6218 Detection A KQL query designed to monitor for potential exploitation of CVE-2025-6218—a directory traversal vulnerability in WinRAR—until the affected infrastructure is fully patched and secured. https://t.co/1Suu7h9YON https://t.co/KCPYjFdaqG
@0x534c
14 Jul 2025
2950 Impressions
12 Retweets
56 Likes
24 Bookmarks
1 Reply
0 Quotes
WinRARにおいて新たなゼロデイ脆弱性が発見され、ダークウェブで約8万ドルで販売されている。脆弱性は既知のCVE-2025-6218とは別のもので、最新および旧バージョンのWinRARに影響を与え、リモートコード実行を
@yousukezan
14 Jul 2025
3985 Impressions
15 Retweets
33 Likes
8 Bookmarks
0 Replies
1 Quote
A single archive file could compromise your system!🚨 A critical vulnerability (CVE-2025-6218) in WinRAR ≤ 7.11 allows attackers to run malicious code without admin access. Secure your systems with Cynical Technology. 📩 info@cynicaltechnology.com 🌐 https://t.co/Apwac
@cynical_sec
10 Jul 2025
19 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#Poc CVE-2025-6218 WinRAR Directory Traversal | RCE https://t.co/WYqUbQQqiK #winrar #RCE https://t.co/py9SlFgn7L
@absholi7ly
10 Jul 2025
104 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6218: RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. https://t.co/MsHLvYoVXo https://t.co/Cq1hfBYtrz
@cyber_advising
3 Jul 2025
2143 Impressions
14 Retweets
23 Likes
17 Bookmarks
0 Replies
0 Quotes
If you haven’t updated WinRAR yet - do it NOW. There are some Security Fixes that you need to consider. (CVE-2025-6218 with CVSS Score 7.8 - High) https://t.co/f1gmbfbnTA #Windows #WinRAR
@0x5h4d0w_
2 Jul 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Atualize já o WinRAR para a versão 7.12! Essa atualização corrige uma falha grave (CVE-2025-6218) que poderia permitir extração de arquivos maliciosos em pastas sensíveis, protegendo seu PC contra ataques. https://t.co/69dqEKjOfK
@j_a_p_a_h__
29 Jun 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨⌛️Se ha corregido una vulnerabilidad crítica en WinRAR (CVE-2025-6218) que permite la ejecución remota de malware al extraer archivos comprimidos. Se recomienda actualizar a la versión 7.12 para garantizar la seguridad de sus sistemas: https://t.co/zdcoYSs36c #WinRAR
@henryraul
29 Jun 2025
168 Impressions
10 Retweets
19 Likes
1 Bookmark
0 Replies
1 Quote
GitHub - speinador/CVE-2025-6218_WinRAR - https://t.co/JKSLZ2JgBk
@piedpiper1616
27 Jun 2025
1434 Impressions
13 Retweets
32 Likes
3 Bookmarks
0 Replies
0 Quotes
📌 Critical vulnerability in WinRAR (CVE-2025-6218) allows attackers to execute arbitrary code via malicious compressed files. User interaction required. #CyberSecurity #WinRAR https://t.co/hjBDO2esPH https://t.co/99DkDUddww
@CyberHub_blog
26 Jun 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive. The flaw tracked as CVE-2025-6218 and assigned a CVSS score of 7.8. https://t.co/eaK8XSDyGH htt
@riskigy
26 Jun 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive. https://t.co/Lh0QiirTAO
@blackwired32799
26 Jun 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
解凍ソフト WinRARでリモートコード実行の可能性がある脆弱性(CVE-2025-6218) #セキュリティ対策Lab #セキュリティ #Security https://t.co/BuwEnV4pfi
@securityLab_jp
25 Jun 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad de alto riesgo de WinRAR RCE corregida. ¡Actualice pronto! (CVE-2025-6218). Dado que WinRAR no tiene una función de actualización automática, los usuarios deben descargar e instalar manualmente la última versión disponible. #cybersecurity https://t.co/ZWmM
@EHCGroup
25 Jun 2025
17 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
WinRAR has issued a security update for version 7.12 beta 1 to fix CVE-2025-6218, a high-severity vulnerability allowing malicious archives to execute code or steal data on Windows systems. Stay safe! 🚨 #WinRAR #SecurityFix #Japan https://t.co/5Ah5CV3xVa
@TweetThreatNews
25 Jun 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR patches critical security flaw CVE-2025-6218 allowing malware execution. Learn more at: https://t.co/fKeY5zz0Ey #Cybersecurity #InfoSec #MalwarePrevention
@threatlight
25 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR Flaw (CVE-2025-6218): Remote Code Execution via Directory Traversal, Patch Available! https://t.co/W6tx8jpXtZ
@the_yellow_fall
25 Jun 2025
493 Impressions
6 Retweets
9 Likes
4 Bookmarks
0 Replies
0 Quotes
یک آسیب پذیری از نوع Directory Traversal و با شناسه ی CVE-2025-6218 و امتیاز 7.8 در WinRAR گزارش و اصلاح شده، که امکان RCE رو به مهاجم میده. آسیب پذیری در مدیریت مسیر فایل در داخل
@LastStandNews24
25 Jun 2025
432 Impressions
0 Retweets
2 Likes
1 Bookmark
1 Reply
0 Quotes
⚠️Vulnerabilidad en software WinRAR ❗CVE-2025-6218 ➡️Más info: https://t.co/gg4db6v9fo https://t.co/A28rY1C7fl
@CERTpy
24 Jun 2025
244 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218): https://t.co/xBmPD9cV4g
@CyberBitess
24 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
High-risk WinRAR RCE vulnerability patched, update now CVE-2025-6218 is a critical directory traversal vulnerability in WinRAR, discovered by "whs3-detonator" via Trend Micro’s Zero Day Initiative. It affects WinRAR v7.11 and earlier on Windows, allowing attackers to execute h
@dCypherIO
24 Jun 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
High-risk #WinRAR RCE #vulnerability patched, update quickly! (#CVE-2025-6218) https://t.co/3IMCzfGphU
@ScyScan
24 Jun 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alerta WinRAR! Milhões em risco com nova falha RCE (CVE-2025-6218). Atualize para a versão 7.12 Beta 1 ou mais recente AGORA! 🛡️ Não baixe arquivos de fontes desconhecidas. #Cybersecurity #WinRAR #Vulnerability https://t.co/1q8eTe8MvH
@fernandokarl
24 Jun 2025
18 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
A flaw (CVE-2025-6218, CVSS 7.8) in WinRAR allows remote code execution via directory traversal when opening crafted archives. Update to 7.12 Beta 1 immediately! #WinRAR #RCE #Cybersecurity #Vulnerability #PatchNow https://t.co/0FarkOBjjP
@the_yellow_fall
24 Jun 2025
697 Impressions
4 Retweets
13 Likes
6 Bookmarks
0 Replies
0 Quotes