Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-20250
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
绝对路径遍历
Source: NVD (National Vulnerability Database)
Vulnerability Title
WinRar 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRar中存在目录遍历漏洞。该漏洞源于WinRAR在解压处理ACE格式的文件过程中,未对ACE文件头结构中的“filename”字段进行充分过滤。攻击者可利用该漏洞以提升的权限执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Check Point Software Technologies Ltd.WinRAR All versions prior and including 5.61 -
II. Public POCs for CVE-2018-20250
#POC DescriptionSource LinkShenlong Link
1exp for https://research.checkpoint.com/extracting-code-execution-from-winrarhttps://github.com/WyAtu/CVE-2018-20250POC Details
2010 Editor template for ACE archive format & CVE-2018-2025[0-3]https://github.com/QAX-A-Team/CVE-2018-20250POC Details
3Nonehttps://github.com/nmweizi/CVE-2018-20250-poc-winrarPOC Details
4A version of the binary patched to address CVE-2018-20250https://github.com/blunden/UNACEV2.DLL-CVE-2018-20250POC Details
5Proof of concept code in C# to exploit the WinRAR ACE file extraction path (CVE-2018-20250).https://github.com/easis/CVE-2018-20250-WinRAR-ACEPOC Details
6Nonehttps://github.com/STP5940/CVE-2018-20250POC Details
7WinRar is a very widely known software for windows. Previous version of WinRaR was a vulnerability which has been patched in Feb-2019. Most of the people didn't update winrar so they are vulnerable in this Absolute Path Traversal bug [CVE-2018-20250]https://github.com/technicaldada/hack-winrarPOC Details
8Python tool exploiting CVE-2018-20250 found by CheckPoint folkshttps://github.com/Ektoplasma/ezwinrarPOC Details
9CVE-2018-20250-WINRAR-ACE Exploit with a UIhttps://github.com/arkangel-dev/CVE-2018-20250-WINRAR-ACE-GUIPOC Details
10Nonehttps://github.com/AeolusTF/CVE-2018-20250POC Details
11Herramienta para revisar si es que un payload tiene componente malicioso de acuerdo a CVE-2018-20250https://github.com/joydragon/Detect-CVE-2018-20250POC Details
12This program is an script developed in Python which exploit the ACE vulnerability on WinRar - Vulnerability CVE-2018-20250https://github.com/DANIELVISPOBLOG/WinRar_ACE_exploit_CVE-2018-20250POC Details
13Nonehttps://github.com/likescam/CVE-2018-20250POC Details
14CVE-2018-20250漏洞利用https://github.com/lxg5763/cve-2018-20250POC Details
15CVE-2018-20250https://github.com/zeronohacker/CVE-2018-20250POC Details
16Nonehttps://github.com/tzwlhack/CVE-2018-20250POC Details
17Nonehttps://github.com/tannlh/CVE-2018-20250POC Details
18Nonehttps://github.com/LamSonBinh/CVE-2018-20250POC Details
19Nonehttps://github.com/winrar-7/CVE-2018-20250-WinRAR-ACEPOC Details
20This program is an script developed in Python which exploit the ACE vulnerability on WinRar - Vulnerability CVE-2018-20250https://github.com/H4xl0r/WinRar_ACE_exploit_CVE-2018-20250POC Details
21Nonehttps://github.com/likekabin/CVE-2018-20250POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2018-20250
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: WinRAR
Same vendor: Check Point Software Technologies Ltd.
Same weakness: CWE-36
V. Comments for CVE-2018-20250

No comments yet

Leave a comment