#winrar

[ follow ]
#cve-2025-8088 #path-traversal #cybersecurity #alternate-data-streams #rats #state-backed-actors
#cve-2025-8088
fromSecurityWeek
3 months ago
Information security

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

A WinRAR path traversal vulnerability (CVE-2025-8088) enables arbitrary code execution via crafted RAR archives and has been widely exploited by state-sponsored and criminal actors.
fromThe Hacker News
8 months ago
Privacy professionals

WinRAR Zero-Day Under Active Exploitation - Update to Latest Version Immediately

WinRAR released an update addressing CVE-2025-8088, a zero-day vulnerability causing path traversal and allowing arbitrary code execution.
more#cve-2025-8088
fromThe Hacker News
4 months ago

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

The vulnerability, tracked as CVE-2025-6218 (CVSS score: 7.8), is a path traversal bug that could enable code execution. However, for exploitation to succeed, it requires a prospective target to visit a malicious page or open a malicious file. 'RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user,' CISA said in an alert.
Information security
fromIT Pro
10 months ago

Using WinRAR? Update now to avoid falling victim to this file path flaw

A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user.
Information security
[ Load more ]