English
EN
Français
FR
Language
English
EN
Français
FR

CVE Vulnerabilities

Posts & Pages

No results found for ""

Try different keywords or check spelling

Search in CVE database, posts & pages • Press ESC to close

DNA View

⚠️ CISA Known Exploited Vulnerability

Active Threat

This vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Active exploitation has been observed in the wild. This poses significant risk to federal enterprises and should be prioritized for immediate patching.

View CISA KEV Catalog

CVE-2025-6218

Low CISA KEV
Low Medium High Critical
CVSS Score
Published: Jun 21, 2025
Last Modified: Dec 10, 2025

Vulnerability Description

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.

Known Affected Software

59 configuration(s) from 1 vendor(s)

winrar
Version:
3.41
CPE:
cpe:2.3:a:rarlab:winrar:3.41:*:*:*:*:*:*:*
winrar
Version:
3.50
CPE:
cpe:2.3:a:rarlab:winrar:3.50:*:*:*:*:*:*:*
winrar
Version:
3.60_beta4
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta4:*:*:*:*:*:*:*
winrar
Version:
3.60_beta8
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta8:*:*:*:*:*:*:*
winrar
Version:
7.01
CPE:
cpe:2.3:a:rarlab:winrar:7.01:-:*:*:*:*:*:*
winrar
Version:
3.60_beta1
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta1:*:*:*:*:*:*:*
winrar
Version:
3.60_beta6
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta6:*:*:*:*:*:*:*
winrar
Version:
3.70_beta4
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta4:*:*:*:*:*:*:*
winrar
Version:
4.1.0
CPE:
cpe:2.3:a:rarlab:winrar:4.1.0:*:*:*:*:*:*:*
winrar
Version:
3.0.0
CPE:
cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:*
winrar
Version:
3.60_beta3
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta3:*:*:*:*:*:*:*
winrar
Version:
3.70_beta5
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta5:*:*:*:*:*:*:*
winrar
Version:
3.10
CPE:
cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:*
winrar
Version:
4.20
CPE:
cpe:2.3:a:rarlab:winrar:4.20:*:*:*:*:*:*:*
winrar
Version:
3.40
CPE:
cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:*
winrar
Version:
3.70_beta2
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta2:*:*:*:*:*:*:*
winrar
Version:
5.10
CPE:
cpe:2.3:a:rarlab:winrar:5.10:*:*:*:*:*:*:*
winrar
Version:
5.30
CPE:
cpe:2.3:a:rarlab:winrar:5.30:*:*:*:*:*:*:*
winrar
Version:
5.50
CPE:
cpe:2.3:a:rarlab:winrar:5.50:*:*:*:*:*:*:*
winrar
Version:
3.61
CPE:
cpe:2.3:a:rarlab:winrar:3.61:*:*:*:*:*:*:*
winrar
Version:
3.60_beta5
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta5:*:*:*:*:*:*:*
winrar
Version:
2.90
CPE:
cpe:2.3:a:rarlab:winrar:2.90:*:*:*:*:*:*:*
winrar
Version:
4.10
CPE:
cpe:2.3:a:rarlab:winrar:4.10:*:*:*:*:*:*:*
winrar
Version:
3.70_beta6
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta6:*:*:*:*:*:*:*
winrar
Version:
5.31
CPE:
cpe:2.3:a:rarlab:winrar:5.31:*:*:*:*:*:*:*
winrar
Version:
5.00
CPE:
cpe:2.3:a:rarlab:winrar:5.00:*:*:*:*:*:*:*
winrar
Version:
5.61
CPE:
cpe:2.3:a:rarlab:winrar:5.61:*:*:*:*:*:*:*
winrar
Version:
3.62
CPE:
cpe:2.3:a:rarlab:winrar:3.62:*:*:*:*:*:*:*
winrar
Version:
7.00
CPE:
cpe:2.3:a:rarlab:winrar:7.00:-:*:*:*:*:*:*
winrar
Version:
6.21
CPE:
cpe:2.3:a:rarlab:winrar:6.21:-:*:*:*:*:*:*
winrar
Version:
4.11
CPE:
cpe:2.3:a:rarlab:winrar:4.11:*:*:*:*:*:*:*
winrar
Version:
7.11
CPE:
cpe:2.3:a:rarlab:winrar:7.11:-:*:*:*:*:*:*
winrar
Version:
5.01
CPE:
cpe:2.3:a:rarlab:winrar:5.01:*:*:*:*:*:*:*
winrar
Version:
3.20
CPE:
cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*
winrar
Version:
5.70
CPE:
cpe:2.3:a:rarlab:winrar:5.70:beta1:*:*:*:*:*:*
winrar
Version:
3.10_beta5
CPE:
cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:*
winrar
Version:
3.42
CPE:
cpe:2.3:a:rarlab:winrar:3.42:*:*:*:*:*:*:*
winrar
Version:
3.70_beta3
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta3:*:*:*:*:*:*:*
winrar
Version:
6.23
CPE:
cpe:2.3:a:rarlab:winrar:6.23:*:*:*:*:*:*:*
winrar
Version:
7.10
CPE:
cpe:2.3:a:rarlab:winrar:7.10:-:*:*:*:*:*:*
winrar
Version:
6.11
CPE:
cpe:2.3:a:rarlab:winrar:6.11:*:*:*:*:*:*:*
winrar
Version:
6.24
CPE:
cpe:2.3:a:rarlab:winrar:6.24:-:*:*:*:*:*:*
winrar
Version:
3.11
CPE:
cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:*
winrar
Version:
3.60_beta7
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta7:*:*:*:*:*:*:*
winrar
Version:
5.20
CPE:
cpe:2.3:a:rarlab:winrar:5.20:*:*:*:*:*:*:*
winrar
Version:
5.11
CPE:
cpe:2.3:a:rarlab:winrar:5.11:*:*:*:*:*:*:*
winrar
Version:
3.51
CPE:
cpe:2.3:a:rarlab:winrar:3.51:*:*:*:*:*:*:*
winrar
Version:
3.70_beta7
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta7:*:*:*:*:*:*:*
winrar
Version:
3.60_beta2
CPE:
cpe:2.3:a:rarlab:winrar:3.60_beta2:*:*:*:*:*:*:*
winrar
Version:
3.70_beta1
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta1:*:*:*:*:*:*:*
winrar
Version:
3.70_beta8
CPE:
cpe:2.3:a:rarlab:winrar:3.70_beta8:*:*:*:*:*:*:*
winrar
Version:
4.00
CPE:
cpe:2.3:a:rarlab:winrar:4.00:*:*:*:*:*:*:*
winrar
Version:
5.21
CPE:
cpe:2.3:a:rarlab:winrar:5.21:*:*:*:*:*:*:*
winrar
Version:
5.40
CPE:
cpe:2.3:a:rarlab:winrar:5.40:*:*:*:*:*:*:*
winrar
Version:
3.30
CPE:
cpe:2.3:a:rarlab:winrar:3.30:*:*:*:*:*:*:*
winrar
Version:
6.20
CPE:
cpe:2.3:a:rarlab:winrar:6.20:-:*:*:*:*:*:*
winrar
Version:
3.10_beta3
CPE:
cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:*
winrar
Version:
4.10.2
CPE:
cpe:2.3:a:rarlab:winrar:4.10.2:*:*:*:*:*:*:*
winrar
Version:
4.01
CPE:
cpe:2.3:a:rarlab:winrar:4.01:*:*:*:*:*:*:*
This vulnerability affects 59 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

out of 10.0
Low

CISA KEV Status

Active Exploitation

Listed in CISA's Known Exploited Vulnerabilities catalog

View on CISA KEV

Key Information

Published Date
June 21, 2025

External Resources

NIST
NIST NVD
National Vulnerability Database
CD
CVE Details
Detailed vulnerability info
MT
MITRE CVE
Official CVE record