CVE-2025-11001 PoC — 7-Zip 路径遍历漏洞

Source

https://github.com/ranasen-rat/CVE-2025-11001

Associated Vulnerability

Title:7-Zip 路径遍历漏洞 (CVE-2025-11001)
Description:7-Zip是7-Zip开源的一个压缩软件。 7-Zip存在路径遍历漏洞，该漏洞源于处理ZIP文件中的符号链接不当，可能导致远程代码执行。

Readme

# Usage:

```
python3 exploit.py -t "C:\Users\pac\Desktop" -o demo.zip --data-file calc.exe
```

# Exploiting 7-zip

The vulnerability is only exploitable on windows and has one major caveat.The bug can only be exploited when 7-Zip is ran with Admin privileges for this vulnerability to be succesfully exploited. This is because it the 7-zip process creates a symlink, which is a privileged operation on windows. 

Hence the exploitation only makes sense when 7-Zip is used by a service account.

You can find more info about the vulnerability in my blog post [https://pacbypass.github.io/2025/10/16/diffing-7zip-for-cve-2025-11001.html](https://pacbypass.github.io/2025/10/16/diffing-7zip-for-cve-2025-11001.html)

Vulnerable versions: 21.02 - 25.00

File Snapshot


 [4.0K]  /data/pocs/23518cef1d79f3c67fbf4f13a2f4fa3e5ee1bf49
├── [2.3K]  exploit.py
└── [ 751]  README.md

1 directory, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.