CVE-2025-8088 - RARLAB WinRAR Path Traversal Vulnerability

Vulnerability Name

RARLAB WinRAR Path Traversal Vulnerability

Description

RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

Related News Articles

From Log4j to IIS, China's Hackers Turn Legacy Bugs into Global Espionage ToolsNovember 8, 2025

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on UkraineNovember 6, 2025

Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land TacticsOctober 29, 2025

APT36 Targets Indian Government with Golang-Based DeskRAT Malware CampaignOctober 24, 2025