CNNVD-202508-753 Information

CNNVD ID

CNNVD-202508-753

Related CVE

CVE-2025-8088

• CNNVD Published: 2025-08-08

Description (Chinese)

WinRAR是WinRAR公司的一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRAR存在安全漏洞，该漏洞源于路径遍历问题，可能导致任意代码执行。

Description (English)

WinRAR is a file compressor for WinRAR. The product supports the compression and decompression of documents in RAR, ZIP, etc. WinRAR has a security loophole, which stems from a routing problem that may lead to arbitrary code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

WinRAR

Published

2025-08-08

Last Modified

2026-02-24

References

https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 https://www.welivesecurity.com/en/eset-research/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability/#the-discovery-of-cve-2025-8088 https://www.vicarius.io/vsociety/posts/cve-2025-8088-mitigate-winrar-zero-day-using-srp-and-ifeo https://www.vicarius.io/vsociety/posts/cve-2025-8088-detect-winrar-zero-day https://support.dtsearch.com/faq/dts0245.htm https://nvd.nist.gov/vuln/detail/CVE-2025-8088 https://access.redhat.com/security/cve/cve-2025-8088

Patch

https://www.win-rar.com/download.html?&L=0