DEV Community

Cover image for CVE-2025-8088: RARLAB WinRAR Path Traversal Vulnerability
Freedom Coder
Freedom Coder

Posted on • Originally published at scyscan.com

CVE-2025-8088: RARLAB WinRAR Path Traversal Vulnerability

CVE ID

CVE-2025-8088

Vulnerability Name

RARLAB WinRAR Path Traversal Vulnerability

  • Project: RARLAB
  • Product: WinRAR

Date

  • Date Added: 2025-08-12
  • Due Date: 2025-09-02

Description

RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 ; https://nvd.nist.gov/vuln/detail/CVE-2025-8088

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

Top comments (0)