CVE-2025-6218

This PoC demonstrates a vulnerability in WinRAR (CVE-2025-6218) where a crafted ZIP archive can place a batch file in the Windows Startup folder, leading to arbitrary code execution upon user login. The exploit leverages WinRAR's handling of archive extraction paths.

This repository provides a detailed writeup and demonstration of CVE-2025-6218, a path traversal vulnerability in WinRAR versions 7.11 and earlier. It includes instructions for setting up a vulnerable environment and observing how a malicious RAR file can overwrite files outside the extraction directory using relative paths.

This repository provides a detailed proof-of-concept for CVE-2025-6218, a directory traversal vulnerability in WinRAR versions ≤ 7.11. It includes step-by-step instructions to exploit the flaw, allowing an attacker to place malicious files in sensitive locations like the Windows Startup folder, potentially leading to remote code execution.

This repository contains a proof-of-concept exploit for CVE-2025-6218, a WinRAR path traversal vulnerability that can lead to remote code execution. The PoC demonstrates how crafted file paths in RAR archives can bypass sanitization checks to achieve arbitrary file writes.

This repository contains a Python script that generates a malicious ZIP archive exploiting a directory traversal vulnerability in WinRAR (CVE-2025-6218). The script crafts file paths to extract a payload into the Windows Startup folder, achieving remote code execution upon extraction.

This repository contains a proof-of-concept exploit for CVE-2025-6218, a critical path traversal vulnerability in WinRAR that allows arbitrary code execution. The exploit leverages malformed RAR archives to write files to arbitrary locations, such as the Startup folder, enabling persistence and remote code execution.