Main Vulnerability Database Exploits ID:11890 - Exploit for Path traversal in WinRAR - CVE-2025-8088

ID:11890 - Exploit for Path traversal in WinRAR - CVE-2025-8088

Published: August 29, 2025

Vulnerability identifier: #VU113784

Vulnerability risk: Critical

CVE-ID: CVE-2025-8088

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
WinRAR

Link to public exploit:

https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition

Vulnerability description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences inside archives. A remote attacker can trick the victim into opening specially crafted archive and overwrite arbitrary files on the system, leading to remote code execution.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install updates from vendor's website.

ID:11890 - Exploit for Path traversal in WinRAR - CVE-2025-8088

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human