
CVE-2025-11579 PoC — rardecode Security Vulnerability

Source
Associated Vulnerability
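Title: rardecode Security Vulnerability (CVE-2025-11579)
Description: rardecode is a Go package for reading RAR files, developed by individual developer Nicholas Waples. rardecode 2.1.1 and earlier versions contain a security vulnerability that stems from the dictionary size not being restricted; an attacker can supply a specially crafted RAR file to cause a crash through memory exhaustion.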
Description
Proof of Concept for CVE-2025-11579
Readme
# PoC CVE-2025-11579

### Overview
rardecode versions `<= 2.1.1` do not restrict the dictionary size when reading RAR files that declare large dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause a denial of service through an out-of-memory crash.

### Exploit
We craft a RAR file with an artificially large dictionary size, causing the library to attempt massive memory allocations and crash with an out-of-memory error.

### Exploit Steps
1. Use the `14Gb.rar` file and run `go run exploit.go`.
<img width="980" height="401" alt="proof" src="https://github.com/user-attachments/assets/44418ebc-6ca4-4324-aa43-08abdab8d842" />

2. Use the provided normal `simple.rar` file and run the exploit. It is extracted successfully.
<img width="576" height="65" alt="proof2" src="https://github.com/user-attachments/assets/31e3f57b-505e-4db5-9925-dbec204f20d3" />
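
For services that accept untrusted archives, the dictionary size described above can be read from the RAR5 block headers before the file reaches the decoder. The Go pre-check below is an added example, not code from this PoC or from rardecode: `MaxDictBytes` and `sample` are hypothetical names, the field layout follows the public RAR 5.0 format description (with the wider RAR 7 dictionary field), and it assumes the whole archive is in memory with the signature at offset 0. Encrypted headers (block type 4), truncation and malformed blocks all yield `ok == false`.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// sample is a constructed header-only RAR5 skeleton (CRCs zeroed, 4 MiB dictionary).
var sample = []byte("Rar!\x1a\x07\x01\x00\x00\x00\x00\x00\x03\x01\x00\x00" +
	"\x00\x00\x00\x00\x0a\x02\x00\x00\x00\x00\x80\x28\x00\x01a\x00\x00\x00\x00\x03\x05\x00\x00")

// MaxDictBytes returns the largest dictionary size declared in b; !ok means not inspectable.
func MaxDictBytes(b []byte) (largest uint64, ok bool) {
	const sig = "Rar!\x1a\x07\x01\x00"
	n, pos := uint64(len(b)), uint64(len(sig))+4 // +4 skips a block's header CRC32
	ok = len(b) >= len(sig) && string(b[:len(sig)]) == sig
	vint := func(present bool) uint64 { // RAR5 vint is encoded like Go's Uvarint
		if present && pos < n {
			if v, w := binary.Uvarint(b[pos:]); w > 0 {
				pos += uint64(w)
				return v
			}
		}
		ok = ok && !present // a required field that cannot be read fails the check
		return 0
	}
	for htype, hflags := uint64(0), uint64(0); ok && htype != 5 && pos < n; pos += 4 {
		size := vint(true)
		body := pos // header size is counted from the header-type field
		htype, hflags = vint(true), vint(true)
		vint(hflags&1 != 0) // extra area size, unused here
		data := vint(hflags&2 != 0)
		if htype == 2 || htype == 3 { // file or service header
			fflags, _, _ := vint(true), vint(true), vint(true) // flags, unpacked size, attributes
			pos += (fflags&2)*2 + fflags&4                     // optional mtime, data CRC32
			ci := vint(true)                                   // compression information
			// Widest (RAR 7) reading: 5-bit exponent + n/32 fraction; never under-estimates RAR 5.0.
			d := uint64(128<<10) << (ci >> 10 & 0x1f)
			d += d / 32 * (ci >> 15 & 0x1f)
			if d > largest {
				largest = d
			}
		}
		ok = ok && htype != 4 && size <= n && data <= n && pos <= body+size && body+size+data <= n
		pos = body + size + data
	}
	return largest, ok
}

func main() { fmt.Println(MaxDictBytes(sample)) } // prints: 4194304 true
```

Reject the input when `ok` is false or the returned size exceeds what the service is prepared to allocate; when `ok` is false the returned size is not meaningful. This is a filter in front of the library, not a replacement for moving off the affected versions.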
File Snapshot

[4.0K] /data/pocs/597e36067f6298cea0e8ef062f23fc015a641619
├── [598K] 14Gb.rar
├── [1009] exploit.go
├── [ 95] go.mod
├── [ 181] go.sum
├── [1.1K] LICENSE
├── [ 864] README.md
└── [ 87] simple.rar

1 directory, 7 files