Detections
Analytics
RARLAB WinRAR < 7.12 Beta 1 Directory Traversal Remote Code Execution (CVE-2025-6218)
high Nessus Plugin ID 242073
Synopsis
The remote Windows host has an application installed which is affected by a directory traversal remote code execution vulnerability.Description
The remote host is running RARLAB WinRAR, an archive manager for Windows, whose reported version is prior to 7.12 Beta 1. It is, therefore, affected by a vulnerability:- RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198. (CVE-2025-6218)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to RARLAB WinRAR version 7.12 Beta 1 or later.See Also
Plugin Details
Severity: High
ID: 242073
File Name: winrar_7_12_Beta_1.nasl
Version: 1.1
Type: local
Agent: windows
Family: Windows
Published: 7/14/2025
Updated: 7/14/2025
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.4
CVSS v2
Risk Factor: High
Base Score: 7.2
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2025-6218
CVSS v3
Risk Factor: High
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/a:rarlab:winrar
Required KB Items: SMB/Registry/Enumerated, installed_sw/RARLAB WinRAR
Patch Publication Date: 6/24/2025
Vulnerability Publication Date: 6/24/2025
Reference Information
CVE: CVE-2025-6218
IAVA: 2025-A-0227
ZDI: ZDI-25-409