CVE-2025-31334

MEDIUM

WinRAR <7.11 - RCE

Title source: llm

Description

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be executed.

References (2)

[Third Party Advisory] https://jvn.jp/en/jp/JVN59547048/

[Release Notes] https://www.win-rar.com/start.html?&L=0

Scores

CVSS v3 6.8

EPSS 0.0039

EPSS Percentile 59.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-356

Status published

Products (1)

rarlab/winrar < 7.11

Published Apr 03, 2025

Tracked Since Feb 18, 2026