HIGH🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2018-20250

CVSS 7.8v3.1pub. 2019-02-05upd. 2025-10-31

In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Rarlab Winrar

    APP
    Rarlab
    ≤ 5.61

CISA KEV — detailsi

Vendori
RARLAB
Producti
WinRAR
Added to KEVi
February 15, 2022
Remediation deadline (US Federal)i
August 15, 2022(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 15 sierpnia 2022
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2025-8088HIGH8.4⚠ KEVten sam produkt

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitra...

CVE-2025-6218HIGH7.8⚠ KEVten sam produkt

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attack...

CVE-2023-38831HIGH7.8⚠ KEVten sam produkt

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign fil...

CVE-2024-36052HIGH7.5ten sam produkt

RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, ...

CVE-2023-40477HIGH7.8ten sam produkt

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vul...