CVE-2025-55188

LOW

7-Zip < 25.01 - Improper Link Resolution During Extraction

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-55188. PoCs published by hunters-sec, lunbun.

AI-analyzed exploit summary: This PoC demonstrates CVE-2025-55188, a symlink arbitrary file write vulnerability in 7-Zip versions prior to 25.01. It crafts a malicious archive that, when extracted, overwrites arbitrary files via symbolic link traversal.

Description

7-Zip before 25.01 does not always properly handle symbolic links during extraction.

Exploits (2)

nomisec WORKING POC 33 stars
by hunters-sec · poc
https://github.com/hunters-sec/CVE-2025-55188-7z-exploit

This PoC demonstrates CVE-2025-55188, a symlink arbitrary file write vulnerability in 7-Zip versions prior to 25.01. It crafts a malicious archive that, when extracted, overwrites arbitrary files via symbolic link traversal.

Classification: Working PoC 95%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: 7-Zip < 25.01
No auth needed
Prerequisites: vulnerable 7-Zip version · ability to deliver and extract malicious archive
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 8 stars
by lunbun · poc
https://github.com/lunbun/CVE-2025-55188

This repository contains proof-of-concept exploits for CVE-2025-55188, demonstrating arbitrary file write and code execution in 7-Zip via symlink and hardlink path traversal techniques. The exploits target both Linux and Windows systems by crafting malicious archive files.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: 7-Zip versions prior to 25.01
No auth needed
Prerequisites: Victim must extract a malicious archive file
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 3.6
EPSS 0.0069
EPSS Percentile 47.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-59
Status published
Products (1)
7-zip/7-zip < 25.01
Published Aug 08, 2025
Tracked Since Feb 18, 2026