CVE-2025-6218: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in RARLAB WinRAR
CVE-2025-6218 is a high-severity path traversal vulnerability in RARLAB WinRAR version 7. 11 (64-bit) that allows remote attackers to execute arbitrary code. The flaw exists in the handling of file paths within archive files, enabling crafted paths to traverse directories improperly. Exploitation requires user interaction, such as opening a malicious file or visiting a malicious page. The vulnerability permits code execution with the privileges of the current user.
AI Analysis
Technical Summary
This vulnerability in WinRAR 7.11 (64-bit) involves improper limitation of a pathname to a restricted directory (CWE-22), allowing an attacker to craft archive file paths that cause directory traversal. This can lead to remote code execution when a user opens a malicious archive or visits a malicious page. The CVSS 3.0 base score is 7.8, indicating high severity, with attack vector local, low attack complexity, no privileges required, user interaction required, and impacts to confidentiality, integrity, and availability.
Potential Impact
Successful exploitation allows remote attackers to execute arbitrary code on affected systems with the privileges of the current user. This can lead to full compromise of user data and system integrity. The vulnerability requires user interaction, limiting automated exploitation but still posing a significant risk.
Mitigation Recommendations
No official patch or fix is currently available for this vulnerability. Users should exercise caution when opening archive files from untrusted sources or visiting untrusted web pages. Monitor the vendor's advisory channels for updates and apply patches promptly once released. Until a fix is available, avoid opening suspicious archives to mitigate risk.
CVE-2025-6218: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in RARLAB WinRAR
Description
CVE-2025-6218 is a high-severity path traversal vulnerability in RARLAB WinRAR version 7. 11 (64-bit) that allows remote attackers to execute arbitrary code. The flaw exists in the handling of file paths within archive files, enabling crafted paths to traverse directories improperly. Exploitation requires user interaction, such as opening a malicious file or visiting a malicious page. The vulnerability permits code execution with the privileges of the current user.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in WinRAR 7.11 (64-bit) involves improper limitation of a pathname to a restricted directory (CWE-22), allowing an attacker to craft archive file paths that cause directory traversal. This can lead to remote code execution when a user opens a malicious archive or visits a malicious page. The CVSS 3.0 base score is 7.8, indicating high severity, with attack vector local, low attack complexity, no privileges required, user interaction required, and impacts to confidentiality, integrity, and availability.
Potential Impact
Successful exploitation allows remote attackers to execute arbitrary code on affected systems with the privileges of the current user. This can lead to full compromise of user data and system integrity. The vulnerability requires user interaction, limiting automated exploitation but still posing a significant risk.
Mitigation Recommendations
No official patch or fix is currently available for this vulnerability. Users should exercise caution when opening archive files from untrusted sources or visiting untrusted web pages. Monitor the vendor's advisory channels for updates and apply patches promptly once released. Until a fix is available, avoid opening suspicious archives to mitigate risk.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- zdi
- Date Reserved
- 2025-06-17T21:51:12.763Z
- Cvss Version
- 3.0
- State
- PUBLISHED
Threat ID: 68568e80aded773421b5a78b
Added to database: 6/21/2025, 10:50:40 AM
Last enriched: 4/14/2026, 11:01:49 AM
Last updated: 5/10/2026, 11:00:37 AM
Views: 216
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.