CNNVD-202506-2837 Information
Jun 21, 2025
cve
CNNVD ID
CNNVD-202506-2837
Related CVE
- CNNVD Published: 2025-06-21
Description (Chinese)
WinRAR是WinRAR公司的一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRAR存在路径遍历漏洞,该漏洞源于处理存档文件路径不当,可能导致目录遍历和远程代码执行。
Description (English)
WinRAR is a file compressor for WinRAR. The product supports the compression and decompression of documents in RAR, ZIP, etc. WinRAR has a loophole in its path, which stems from the inappropriate path of processing archived files, which may lead to directory history and remote code execution.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
WinRAR
Published
2025-06-21
Last Modified
2026-02-24
References
https://www.win-rar.com/singlenewsview.html?&tx_ttnews%5Btt_news%5D=276&cHash=388885bd3908a40726f535c026f94eb6 https://www.zerodayinitiative.com/advisories/ZDI-25-409/
Patch
https://www.win-rar.com/download.html?&L=0
Share on: