CVE-2025-6218
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-06-21

Last updated on: 2025-12-10

Assigner: Zero Day Initiative

Description
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-21
Last Modified
2025-12-10
Generated
2026-05-07
AI Q&A
2025-06-21
EPSS Evaluated
2026-05-05
NVD
CVE-2025-6218
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
rarlab winrar to 7.12 (exc)
microsoft windows *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-6218 is a directory traversal remote code execution vulnerability in RARLAB WinRAR. It occurs due to improper handling of file paths within archive files, allowing an attacker to craft file paths that cause the software to extract files to unintended directories. Exploiting this flaw requires user interaction, such as opening a malicious file or visiting a malicious webpage, and enables remote attackers to execute arbitrary code with the privileges of the current user. [1, 2]


How can this vulnerability impact me? :

This vulnerability can allow remote attackers to execute arbitrary code on your system with the privileges of the current user. This means attackers could potentially install malware, steal data, or cause system damage by tricking you into opening a malicious file or visiting a malicious webpage. The impact includes high confidentiality, integrity, and availability risks to your system. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, immediately update WinRAR to the latest version released by RARLAB that addresses CVE-2025-6218. Avoid opening files from untrusted sources or visiting suspicious webpages that could trigger exploitation. Additionally, ensure that users are aware of the risk and exercise caution when handling archive files. [1, 2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart